Two prominent media organizations have suffered data security breaches of varying degrees.
In one, Thomson Reuters “left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format,” Cybernews reports. “Attackers could use the details for a supply-chain attack.”
In the other episode, the New York Post’s Twitter account was hacked and used to post racist and other objectionable headlines.
The incidents show that news media are just as vulnerable as corporations in general to breaches in cybersecurity.
The Thomson Reuters breach, potentially the more serious incident, exposed 3TB of data from the public-facing Elasticsearch database and two other databases, including one described as non-production, Cybernews alleges.
Thomson Reuters said, “Upon notification we immediately investigated the findings provided by Cybernews regarding the three potentially misconfigured servers,” according to Cybernews.
Cybernews continues, “The leading theory so far is that an ‘isolated error in the product environment resulted in the inadvertent misconfiguration of the non-production environment.’”
Two of the exposed servers were designed to be publicly accessible, while the third is a non-production server used for ONESOURCE, a Thomson Reuters product, Cybernews added.
“This non-production server only houses application logs from the pre-production/implementation environment of that product and is only associated with a small subset of Thomson Reuters Global Trade customers,” the company explained.
Variety reports that the Post episode was caused by an employee who posted objectionable headlines on the company’s Twitter account, including:
“We Must Assassinate AOC for America”
“Gov. Abbott: I will Start Ordering Border Patrol to Start Slaughtering Illegals”
One headline quoted a candidate making a very racist comment concerning Mayor Eric Adams.
The Post, a News Corp. daily that reportedly has 2.8 million Twitter followers, told Variety that the employee was fired. It added, “This morning, we immediately removed the vile and reprehensible content from our website and social media accounts.”