Fast Company experienced a breach that allowed a hacker to obtain a treasure of information from its website, post content, and fire-off inappropriate messages via Apple News. The publication responded by taking down its website and apologizing to the public.
Screenshots of the offensive messages began to circle the internet as subscribers reacted to the Apple News messages before the publication was able to quickly respond. The hacker was also able to gain access to publishing an article claiming responsibility of what they did, as well as download a trove of information.
The publication published a message in place of loading the website (at the time of writing this) that states the following:
“Fast Company’s content management system was breached Tuesday evening. As a result, two obscene and racist push notifications were sent to our followers in Apple News about a minute apart. The messages are vile and are not in line with the content and ethos of Fast Company. Tuesday’s breach follows an apparently related event that occurred Sunday afternoon on FastCompany.com, when an unknown actor (or actors) posted similar language on the site’s home page and other pages. Fast Company regrets that such abhorrent language appeared on our platforms and in Apple News, and we apologize to anyone who saw it before it was taken down. We immediately retained a leading global incident response and cybersecurity firm and together are investigating the situation. We have shut down FastCompany.com until the situation is resolved.”
Of the information accessed, the hacker (identified as “Thrax”) claims to have accessed thousands of employee records, copies of unpublished drafts, and more. All of which, they planned to release to the public, per a statement made by the hacker via an online hacking community/website. They were also able to obtain various API key information, which is how they were able to access and make use of the publication’s Apple News account.
For now, the website appears to be offline until the publication and clean things up and verify that everything has been secured. Also, Apple has suspended Fast Company’s Apple News account to prevent any further unauthorized use of the publication’s account.