The Washington Post announced that on two days last week—27 and 28 June—the jobs section of its website was hacked, and some 1.27 million user IDs and e-mail addresses were taken. The Post's jobs site "allows users to search job listings and post résumés," the paper says. The Post's FAQ page regarding the hack, however, says no passwords or other pieces of personal information were stolen.
The Post said it took until late Wednesday to reveal the attack because it needed time to "investigate the attack, retest the site’s security systems, and discuss the matter with law enforcement."
The Post's spokeswoman Kris Coratti further explained: "We wanted to make sure that we had a complete understanding as to what had happened and the potential consequences so that we could provide our customers with information that was as accurate and helpful as possible."
The Post states that it "sincerely apologize[s] for this inconvenience" and is pursuing the incident with law enforcement.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.