The Washington Post Jobs website was hacked twice at the end of June, the paper recently announced.
Though it stressed no passwords or personal user information was compromised, the Post acknowledged hackers infiltrated the Jobs website on June 27 and 28 and accessed user IDs and passwords. The paper estimates 1.27 million users might have been victimized, but it says Jobs accounts are still useable and the internet security vulnerability has been fixed.
In an announcement on its Jobs site, the Post warned users might be targeted by phishing schemes as a result of the hack. The paper cautioned users not to respond to emails soliciting personal information like bank or credit card account numbers. Users were also advised not to click on any links in suspicious emails and to activate spam filters on their email accounts.
In another instance of a newspaper website being exploited by cyber criminals, an international computer security enforcement team arrested two men last month who executed a "malvertising" scheme by posting a bogus ad on the Minneapolis Star Tribune site. Users who clicked on the ad had their computers infected with malware that froze their systems unless they bought so-called computer security software.