Army Times, Defense News, other Gannett government sites hacked; reader data accessed
This article was originally on a blog post platform and may be missing photos, graphics or links. See About archive blog posts.
Gannett Government Media -- publisher of a dozen websites for the Army Times, Defense News and other government news websites and newspapers -- has had its Web servers hacked.
The company announced the security breach in a notice online on June 7, when the government-serving division of mega-publisher Gannett says it first learned of the hack. But on Tuesday morning, the details of the Web attack were disclosed by the company to its readers in an email:
We discovered that the Gannett Government Media family of websites suffered a cyber attack resulting in unauthorized access to files containing information of some of our users. The information in those files included your first and last name, userID, password, email address, the internal number we assigned to your account, and if you provided the information, your ZIP code, duty status, paygrade, and branch of service. We want to assure you that no financial (e.g. credit or debit card) information was compromised. Financial information is stored on a completely different system.
The websites affected include Defense News, Defense News TV, the Armed Forces Journal, the Federal Times, Military Times, Military Times Edge, Army Times, Navy Times, Air Force Times, Marine Corps Times, the C4ISR Journal, and the Training and Simulation Journal.
In the email, which was also posted in shorter form on Gannett’s government news sites, the media giant said it hired an “outside computer forensics company to help us investigate and strengthen our controls to safeguard against future breaches” shortly after learning about the hacking.
The media company said its readers should “be on the lookout” for emails that look legitimate but are asking people to provide credit card or bank account numbers, Social Security numbers and other private information.
Gannett warned against clicking on links in the body of the message “that lead to websites asking you to login or to enter your personal information” and also advised against downloading or opening attachments in the emails as they may contain malware, viruses or spyware.
“Gannett Government Media Corporation or Defense News will never send you emails asking for your credit card number, social security number or other personally identifiable information,” the email said.
The company also suggested that users “reset or strengthen your passwords on your Gannett Government Media Corporation or Defense News accounts and any of your other online accounts, particularly those that use the same email address you use for your Gannett Government Media Corporation or Defense News account as a user name or account identifier.”
-- Nathan Olivarez-Giles