"The Washington Post Web site was hacked today, with readers on certain stories being redirected to the site of the Syrian Electronic Army," the paper said in an editors' note. The Post added that it is "working to resolve the issue."
WaPo managing editor Emilio Garcia-Ruiz also released the following statement:
A few days ago, Post newsroom employees were subjected to a sophisticated phishing attack, allegedly by the Syrian Electronic Army, which attempted to gain password information. The attack resulted in one staff writers' personal account being used to send out a Syrian Electronic Army message. This morning, some articles on our web site were re-directed to the Syrian Electronic Army's site for a period of about 30 minutes. The Syrian Electronic Army, in a Tweet, claimed they gained access to elements of our site by hacking one of our business partners, Outbrain. We have taken defensive measures and removed the offending module. At this time, we believe there are no other issues affecting the site.
The Syrian Electronic Army has attacked major news companies before, including the Associated Press, The Guardian and Reuters, but in those cases the news orgs' Twitter feeds were targeted. After The Onion's Twitter feed was attacked, the satirical publication's tech team offered tips on how to avoid a similar fate.
The Post hack comes on the heels of a Web outage at The New York Times, though the paper said on Wednesday that the site went down due to an internal issue. “The outage occurred within seconds of a scheduled maintenance update being pushed out, and we believe that was the cause,” Times spokeswoman Eileen Murphy told the paper. According to Bloomberg News, the company's email system also went down.