For as much as cybersecurity professionals talk about insider threats, you still never expect it to actually impact your organization.
Earlier today, The New York Post announced it had been hacked by an employee who posted incredibly offensive headlines to its website and Twitter page. The Post immediately removed everything that was online, fired the employee, and shared this tweet:
The New York Post has been hacked. We are currently investigating the cause.— New York Post (@nypost) October 27, 2022
If you're wondering how bad the headlines were, the answer is that they were very bad. The headlines included racist, violent, and sexually explicit comments targeting well-known politicians, such as Rep. Alexandria Ocasio-Cortez, NYC Mayor Eric Adams, New York Governor Kathy Hochul, Texas Governor Gregg Abbot, and President Joe Biden.
The words were certainly too vulgar to print in this article, but if you are really curious, the internet is a large and dark space.
While an investigation is still underway to determine how an employee was able to access and deface the platforms, a spokesperson for The Post did share this statement:
"The New York Post's investigation indicates that the unauthorized conduct was committed by an employee, and the employee has been terminated. This morning, we immediately removed the vile and reprehensible content from our website and social media accounts."
This hack of the newspaper is similar to an incident that occurred approximately one month ago, where American business magazine Fast Company was forced to shut down its website for two weeks after a threat actor gained unauthorized access and sent racist push notifications to Apple News users.
Back in February of this year, News Corp, the parent company of The Post, announced it fell victim to a cyberattack targeting employee email accounts. The company said the attack affected a limited number of people and that it believed the incident was an espionage operation backed by China, describing it as a "persistent nation-state attack."
Though, it is unlikely the February hack and the incident today are related.
Follow SecureWorld News for more updates on this incident, as well coverage of the cybersecurity industry.