PR Newswire Hacked

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Hold Security researchers have determined that the same hackers who recently hit Adobe also breached PR Newswire earlier this year (h/t Computerworld).

"Partial Web site source code and configuration data along with a database of PR Newswire customers was found on the same server where Adobe Systems' source code was located. ... The database date appears to be from March 8, 2013 but it is unclear yet if the breach had happened at the same time or at a later date, as the archive was created on April 22, 2013," Hold Security said in a statement.

Later, the researchers added, "There is evidence, dated February 13, 2013, of a large-scale attack targeting PR Newswire’s multiple networks hitting over 2,000 IP addresses using ColdFusion exploits."

In a statement given to Krebs on Security's Brian Krebs, PR Newswire acknowledged the breach and explained, "The database contains approximately 10,000 records; however, there is only a minority of active users on this database. Those users represent an even smaller number of customers, as each customer generally has multiple usernames. PR Newswire decided to implemented a mandatory password reset for all customers with accounts on this database as a precautionary measure."