The Wall Street Journal has taken some of its systems offline after a cybersecurity breach that has potentially compromised the personal information of wsj.com’s users, as well as the credentials needed to control the site’s servers.
WSJ announced the cyberattack yesterday, stating the computing systems for its news graphics were “hacked by outside parties.” Although the company claims it has yet to see any signs of damage, the systems are still under review.
“We are investigating an incident related to wsj.com’s graphics systems. At this point we see no evidence of any impact to Dow Jones customers or customer data,” a spokeswoman for the Journal said.
A hacker who goes by the name “w0rm” has claimed responsibility for the hack, tweeting a screenshot of his work on Monday:
According to the Journal, w0rm is offering to sell the information of wsj.com’s users as well as the access to the site’s servers, which would give the possessor the ability to modify articles on the site, add or delete content and users, and insert malware. w0rm sent another tweet in which he appears to demand 1 bitcoin (worth about $621 U.S.) for the Journal’s database:
L.A.-based cybersecurity firm IntelCrawler first alerted the Journal to the hack. IntelCrawler’s chief executive Andrew Komarov said his team has been monitoring w0rm’s actions and that the hacker has also attacked other media companies including Vice.