About 1.27 million user IDs and e-mail addresses belonging to people looking for employment on The Washington Post Jobs Web site were affected by a data breach last week, the newspaper says.
"We discovered that an unauthorized third party attacked our Jobs website and was able to obtain access to certain user IDs and e-mail addresses. No passwords or other personal information was affected," the company said in a notice on its site. "We are taking this incident very seriously. We quickly identified the vulnerability and shut it down, and are pursuing the matter with law enforcement. We sincerely apologize for this inconvenience."
The attack happened on June 27 and June 28, the statement said, adding that the accounts on the site remain secure.
The company said affected people may get spam and warned them to be wary of unsolicited e-mails that could be phishing attacks designed to steal passwords and other data. For instance, hackers could send e-mails purporting to be from The Washington Post that trick recipients to reveal their passwords or credit card information.