Washington Post Data Breach Affects More Than 1 Million Job Seekers

User IDs, email addresses compromised in two separate attacks

1 Min Read

The Washington Post reported Thursday night that user IDs and email addresses of more than 1 million job seekers on its Jobs site have been compromised.

"We discovered that an unauthorized third party attacked our Jobs website and was able to obtain access to certain user IDs and e-mail addresses," the Post reported in an online message. "No passwords or other personal information was affected." The vulnerability has been identified and shut down, the newspaper said.

The attack occurred in two brief episodes -- once on June 27 and once on June 28, according to the message. The newspaper said it is not sure of the exact number of individuals affected, but roughly 1.27 million user IDs and email passwords might have been compromised.

The Post says that users whose email addresses were accessed might receive some spam, but the newspaper believes that the accounts on the Jobs site remain secure.

The newspaper did not give details on the exact nature of the attack, what the vulnerability was, or how it was shut down. "We have implemented additional measures to prevent against a similar attack in the future, and we are pursuing the matter with law enforcement," the message said. "In addition, we are conducting a thorough audit of the security of the Jobs site."

The incident follows a June 7 cyberattack on Gannett Government Media, publisher of several publications for the military and government readers. The attackers accessed files containing personal subscriber data, including name, user ID, password, email address, and customer numbers.

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading


Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights