Business Insider was hacked on Wednesday morning.
Attackers identifying themselves as OurMine posted and edited stories on the US version of the website. “Hey, don’t worry we are just testing your security, we didn’t change your password or anything,” the message said. A push notification was also sent to users of Business Insider’s app.
We apologise for the inconvenience, and are working on getting things back to normal as soon as possible.
The attack appears to have taken advantage of the fact that at least one Business Insider employee with publishing privileges re-used a password across multiple sites.
Hackers use passwords found in data dumps taken from previously re-used hacks, and try them on user accounts on other sites. This summer, numerous celebrities — from Facebook’s Mark Zuckerberg to singer Drake — had their Twitter accounts compromised this way.
OurMine is a particularly prolific group dedicated to doing this, and almost always claims to be merely testing the victim’s security.
Business news site Inc was also hacked by OurMine on Wednesday.
Security experts recommend that you should use a strong, unique password for each internet account you own, managing them with a password manager app if necessary, and with two-factor authentication enabled.