Fast Company Website Back Online After Apple News Hack

The attack occurred earlier this week and was perpetrated thanks to embarrassingly lax password security.
Conor Cawley

After eight long days, the Fast Company website is back online. The digital arm of the business magazine shut down for more than a week after a cyberattack pushed obscene notifications to Apple News users that followed Fast Company.

Even worse, the attack was perpetrated thanks to extremely lax password security, which the hackers insisted features embarrassingly easy to use guess login credentials.

The attack is a stark reminder for businesses of all sizes that passwords are the first line of defense against these kinds of hacks and that shoring up your security could save you millions.

The Fast Company Website Shut Down for Eight Days

On Tuesday, September 27th, Apple News users that followed Fast Company received an obscene and offensive push notification, which we will not repeat on Tech.co, although a quick Twitter search will likely help you find it if you absolutely need to see it. The message was naturally the result of a cyberattack, which Fast Company confirmed in a statement:

“Fast Company’s Apple News account was hacked on Tuesday evening. Two obscene and racist push notifications were sent about a minute apart. The messages are vile and are not in line with the content of Fast Company. We are investigating the situation and have suspended the feed and shut down FastCompany.com until we are certain the situation has been resolved.”

The hack was just the beginning, though. The attacker — who went back the moniker “Thrax” in the initial notification — also gained access to the Fast Company CMS via WordPress. This allowed them to view everything from unpublished drafts to company records, including email addresses and passwords of more than 6,000 employees.

Fast Company shut down its website in order to mitigate the damage, as well as the websites for its other publications it owns, including Inc.com and Mansueto.com.

How Did Fast Company Get Hacked?

In 2022, cybercriminals are extremely knowledgeable, employing advanced tactics to gain access to secure databases that house valuable company and employee information.

However, this cybercriminal didn't need to do all that, as Fast Company reportedly utilize some extremely lax password security to keep its information safe, which the hacker was able to guess.

The hacker posted a message stating that Fast Company utilized unbelievably easy-to-guess passwords to secure its WordPress CMS and, even worse, used that same password for multiple accounts. This gave the attacker access to a wide range of data, including the Apple News API, which allows them to send the push notification to users.

It's not the first time we've heard of an attack stemming from an easy-to-guess password. Just a few weeks ago, the hotel chain Intercontinental Hotel Group was infiltrated due to using the password ‘Qwerty1234'.

The Importance of Password Security

While shutting down a major publication for more than a week may sound like a worst-case scenario, the reality is that security breaches like this one almost always have dire consequences. In fact, one study found that data breaches cost the average business around $10 million, so shoring up your security could have a serious impact on your bottom line.

If we've said it once, we've said it a thousand times: password security is vitally important for businesses in 2022. Until we finally go passwordless, which is certainly still a way off, you need to make sure your accounts are adequately secured with long, unique passwords that can't be guessed by a random hacker.

Password best practices remain hard to follow, though. With all those accounts, it can be impossible to come up with unique options for each one. Fortunately, password managers are designed to do just that, as well as offering other security features that can keep your business safe.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Conor is the Lead Writer for Tech.co. For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at conor@tech.co.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals