Fast Company, a US-based business news publication, stated on Wednesday that two racist offensive push notifications were delivered to consumers via its Apple News alerts as a result of a high-profile media feed hack.
As soon as the situation was rectified, Apple took down the Fast Company channel from its platform. In order to offer push alerts to Apple consumers who subscribe to the news publisher’s channel, news publishers utilizing the Apple News aggregation application can link existing digital publishing tools to Apple News.
Fast Company claims that such publishing tools were compromised by hackers. Two offensive and racist push notifications were sent by hackers one minute apart, according to a tweet from Fast Company, which also stated that the Apple News stream had been suspended while the problem was examined.
Before it vanished, the hackers left a statement on Fast Company’s website explaining how they gained access by using a password that was used by numerous users, including an administrator.
The hackers gave the following message, “Wow, Fast Company. Despite the public defacement of your site, which boasts millions of visitors, all you did was hastily change your database credentials, disable outside connections to the database server, and fix the articles. What an absolute disgrace of a news source, and one that I would personally avoid due to how little they care about user security.”
The hacker behind the intrusion, who goes by the handle “Thrax,” however, released a sponsored content article before the site was taken down that described how the attackers were able to hack the magazine. According to the message, Fast Company had login details that were “ridiculously easy” and used on numerous accounts, such as an administrator.
The hacker was able to send out emails using any @fastcompany.com email thanks to the attacker’s access to a variety of sensitive data, namely authentication tokens, Apple News API credentials, and Amazon Simple Email Service (SES) tokens. The Fast Company hacker stated they were unable to access client records because they were probably kept in a database server.
The hacker claims to have earlier compromised the photo-sharing portal ClickASnap and the self-described free-speech social media platform USA Life. In a separate message posted on Sunday to a well-known hacking forum, the attacker stated they were going to release a database with 6,737 Fast Company employee information. This database included information on the employees’ email accounts, password hashes, unpublished drafts, etc.
Reuters attempted to access the Fast Company website on Tuesday night, but it was unavailable and the page gave a 404 error. Following the shutdown, Fast Company claimed that the notifications were sent using a hack of its content management system, which is used by news organizations to publish and maintain their stories.
Business, technology, and design are the main topics of the American business magazine Fast Company. It is accessible online and in print. Six print issues are published each year. Fast Company is owned by the publishing firm Mansueto Ventures LLC.
I am a law graduate from NLU Lucknow. I have a flair for creative writing and hence in my free time work as a freelance content writer.