Breach at Gannett subsidiary yields data on subscribers

Gannett Government Media – publisher of the Army Times, Defense News, Federal Times and a number of other government news websites – has sustained a digital intrusion that exposed the personal information of subscribers, including U.S. military personnel. In a message posted to its website Monday, Gannett Government Media said it discovered that attackers on June 7 gained unauthorized access to files containing the personal information of some users. The compromised data includes names, user IDs, passwords, email addresses and, if provided, ZIP codes, military duty status, pay grade and branch of service.

No financial data was compromised, the company said. The attack also prevented some users from accessing all or parts of the targeted sites.

It is not known how many people were affected, nor how the adversaries broke in.

“The number of individuals that were affected was a very small percent of our users of the sites,” Elaine Howard, president and CEO of Gannett Government Media, told SCMagazineUS.com in an email Thursday. “The majority of our users do not register for access, therefore personal information was not obtained.”

The websites affected include the Air Force Times, Armed Forces Journal, Army Times, C4ISR Journal, Defense News, Federal Times, Marine Corps Times, Military Times, Military Times Edge, Navy Times and Training & Simulation Journal.

The company — formerly known as the Army Times Publishing Co. before being purchased by media conglomerate Gannett in 1997 — has advised users to reset their passwords for all Gannett Government Media sites, as well as at other online accounts that use the same email address.

Gannett Government Media has been working with an outside computer forensic firm to investigate the breach and strengthen its security controls, the company said. Email notifications have been sent to affected individuals.

“We deeply regret any inconvenience that this may cause and appreciate your understanding,” the company said in its statement. “We take the security and privacy of your information very seriously and will continue to work diligently to protect your information.”

Harry Sverdlove, CTO of security firm Bit9, wrote in a blog post on Wednesday that Gannett Government Media should be “embarrassed” for storing customer passwords in its databases without encrypting them.

The stolen information will likely be used to perpetrate additional crimes against members of the military and their contacts, he added.

Since users commonly recycle the same passwords for multiple sites, their social networking and email accounts may be targeted in spear phishing attacks that try to siphon even more confidential data, he said.

“[Cybercriminals] use information stolen today to launch deeper attacks tomorrow,” Sverdlove wrote. “If thousands of military personnel passwords have been compromised, the possibility for subsequent breaches is high.”

If recent history is any indication, Sverdlove could be right.

In the case of the RSA SecurID breach, for example, criminals leveraged the stolen information in an attack on U.S. defense contractor Lockheed Martin months after the initial breach.

Angela Moscaritolo

June 29 2011

Updated Thursday, June 30, 2011 at 1:11 p.m. EST

http://www.scmagazineus.com/breach-at-gannett-subsidiary-yields-data-on-subscribers/printarticle/206418/
