Updated on 2022-10-05: Fast Company hacked to send obscene push notification
Pour one out for Fast Company, whose website is still down a week after its backend content management system was hacked — and very publicly. Credentials stored in the CMS allowed the cybercriminal to push a racial slur as an Apple News push notification. Apple really wanted you to know it had nothing to do with it and it was Fast Company’s fault. (Cue the sound of a bus reversing.) How did it go down?
An incredibly offensive alert was sent by Fast Company, which has been hacked. Apple News has disabled their channel.
— Apple News (@AppleNews) September 28, 2022
Thankfully an article posted by the cybercriminal described exactly how they did it, putting much of the blame on a shared password with wide CMS access. Newsrooms are typically underfunded and cybersecurity often isn’t a priority. But websites and media outlets wield wide readerships and influence, making them an easy target. @josephfcox interviewed the hacker, who had an ominous warning: the breach “had the potential to shift markets. Instead, I chose to embarrass Fast Company.”
New: spoke to the hacker who hijacked Fast Company's Apple News account and sent a push alert to its users. "Anyone could have done it," they said. Hack started by looking at site that displays publicly exposed credentials, they said.https://t.co/vE8uaVRnae
— Joseph Cox (afk, writing a book) (@josephfcox) September 29, 2022
Read more:
- Fast Company’s Apple News access hijacked to send an obscene push notification
- Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’
- Media company hacked, racist push notifications sent to Apple iPhones
- Apple News users receive racist messages after Fast Company hacked
- Fast Company shuts website after hack sends ‘obscene’ Apple News notifications
- Fast Company Hacker on Rogue Apple News Notification: ‘Anyone Could Have Done It’
Updated on 2022-09-29: FastCompany hacked
News media outlet FastCompany said that a threat actor hacked its CMS on Tuesday and sent out obscene and racist push notifications to its customers through its Apple News account, which was connected to the CMS backend.
Fast Company's Apple News account was hacked on Tuesday evening. Two obscene and racist push notifications were sent about a minute apart.
The messages are vile and not in line with the content and ethos of Fast Company. (continued below)
— Fast Company (@FastCompany) September 28, 2022
An incredibly offensive alert was sent by Fast Company, which has been hacked. Apple News has disabled their channel.
— Apple News (@AppleNews) September 28, 2022
Overview
Fast Company was forced to take its website offline after it was hacked to push Apple News notifications and display stories containing racist and obscene comments. Read more: Hacker shares how they allegedly breached Fast Company’s site
