Email address, names snatched from DefenseNews make great fodder for spear phishing attacks, says expert
Computerworld - Email addresses and names of subscribers to DefenseNews, a highly-regarded website that covers national and international military and defense news, were accessed by hackers and presumed stolen, Gannett announced yesterday.
"We discovered that the attacker gained unauthorized access to files containing information of some of our users," said Gannett Government Media, an arm of the media chain that publishes not only DefenseNews, but also the Military Times and Federal Times sites, as well as a number of military-specific magazines and journals, ranging from the Army Times to the Intelligence, Surveillance and Reconnaissance Journal.
In a message posted to its site Monday, Gannett acknowledged that the accessed information included first and last names, email addresses, account passwords, and duty status branch of service for military personnel.
----------------------------------------------------
Gannett urged registered users to reset their site passwords, "as well as your other online accounts, particularly those that use the same email address used for your Gannett Government Media Corporation account."
The attack was first detected June 7.
One security expert said it was possible the attack against DefenseNews and the other sites Gannett operates was targeted, perhaps by state-backed hackers. "It's hard to know if this was just part of the general ransacking of sites, or an attempt to obtain valuable information for spear-phishing," said Anup Ghosh, the founder and CEO of Web security firm Invincea. More
