Washington Post says job seeker data was breached

More than 1 million user IDs and e-mail addresses are exposed by breach on newspaper jobs site.

About 1.27 million user IDs and e-mail addresses belonging to people looking for employment on The Washington Post Jobs Web site were affected by a data breach last week, the newspaper says.

"We discovered that an unauthorized third party attacked our Jobs website and was able to obtain access to certain user IDs and e-mail addresses. No passwords or other personal information was affected," the company said in a notice on its site. "We are taking this incident very seriously. We quickly identified the vulnerability and shut it down, and are pursuing the matter with law enforcement. We sincerely apologize for this inconvenience."

The attack happened on June 27 and June 28, the statement said, adding that the accounts on the site remain secure.

The company said affected people may get spam and warned them to be wary of unsolicited e-mails that could be phishing attacks designed to steal passwords and other data. For instance, hackers could send e-mails purporting to be from The Washington Post that trick recipients to reveal their passwords or credit card information.

About the author

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.


Discuss Washington Post says job seeker data was...

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Articles from CNET
I took me out to a ball game, where tech called balls and strikes