Few hours back Syrian Electronic Army leaked the details on twitter in a tweet containing the link to the leaked data.
@Forbes users table dump:TXT version: https://22.214.171.124/forbes-wp_users.txt Compressed: https://126.96.36.199/forbes-wp_users.txt.zip #SEA
— SyrianElectronicArmy (@Official_SEA16) February 15, 2014
The leaked data contains Users login details including username, email and passwords, while the passwords are in encrypted format used by the wordpress websites. though the encryption is not too difficult to crack for someone having basic information over the “hashes” types and decryption procedure.
it looks like The leaked data contains login details of admin, Authors, other officials of forbes and large part comes from readers.
Forbes in a statement have confirmed the leak and have asked users to change their login details, “Forbes.com was targeted in a digital attack and our publishing platform was compromised. Users’ email addresses may have been exposed. The passwords were encrypted, but as a precaution, we strongly encourage Forbes readers and contributors to change their passwords on our system, and encourage them to change them on other websites if they use the same password elsewhere. We have notified law enforcement. We take this matter very seriously and apologize to the members of our community for this breach.”
The data which is uploaded on a server based in U.K seems to be secure and is still up from last 6 hours. The reason behind the leak “was that forbes “posted many articles against the SEA, with much hate for Syria.” said Syrian Electronic Army.” it is still unknown how the SEA managed to hack into the Forbes Administrative panel, leaving behind a tweet “@Forbes can thank @TheAlexKnapp for this hack. #SEA” which suggest that Social media editor and staff writer of Forbes “Alex Knapp” Account was the one compromised first.