The Electronic (SEA) has been very busy lately. Recently it was and then
Now it has added Forbes.com to its list.
SEA posted a tweet saying it had the Forbes website, claiming to have published a database containing more than one million user names and sign-in credentials from Forbes.com, the website of the business magazine.
http://t.co/0HbTuGgsU1 by the Electronic #SEA. pic.twitter.com/SlfXYv7HUv
— Electronic (@Official_SEA16) February 14, 2014
Forbes confirmed it on its Facebook page and Twitter on Friday.
Forbes was targeted in a digital attack and our website was compromised. We are looking into the matter closely: http://t.co/ruldZDCQyO
— Forbes (@Forbes) February 14, 2014
It went on to advise that even though the passwords were encrypted, Forbes.com readers should change their passwords on its system once it makes sign-on available again. It also said that it had notified law enforcement.
e claimed to have seen the data, and that it contains the names and known email addresses of several current and former employees at Forbes. But the passwords are displayed as hashes, which is a term of art meaning that the passwords arent shown in plain text. For example the word passwords might be recorded in the database as $P$98tqH9rq4bGEc1E6oThXjM3J.5xU3t. However, passwords could potentially be recovered by someone who understands the nuances of password hashing.
Meanwhile, the Forbes blog page continues to be down.