Readers of a popular monthly American business magazine on Apple News witnessed shocking racist remarks after a hacker breached its security.
A hack meant that users got the "incredibly offensive" push messages through to their phones on Tuesday evening, September 27, leading the publication to close down its site.
In a statement shared on Twitter, Fast Company explained that its "content management system account was hacked on Tuesday evening".
READ MORE: 'Shafted' WizzAir passengers stranded after they're sent in taxi to wrong country
"As a result, two obscene and racist push notifications were sent to our followers in Apple News about a minute apart. The messages are vile and are not in line with the content and ethos of Fast Company," they said.
The publication added that a investigation was now underway.
The site was also shut down and "restored" a couple of hours after a related hack on Sunday, September 25.
"Fast Company regrets that such abhorrent language appeared on our platforms and in Apple News, and we apologize to anyone who saw it before it was taken down," the representative added.
Apple News also addressed the incident on Tuesday and shared a statement on its official Twitter account.
They said the Fast Company channel was disabled and indeed users who tried to access it Tuesday night and today were met with an error 404 page.
For the latest breaking news and stories from across the globe from the Daily Star, sign up for our newsletter by clicking here.
According to Bleeping Computer, on Sunday the site's homepage began filling up with stories titled "Hacked by Vinny Troia. [redacted] tongue my [redacted]. Thrax was here."
However, the site also reported that hacking groups often breach sites and blame it on Mr Troia.
But the second name, Thrax, appeared on online forums boasting about how they bypassed weak authentication security on the site and guessed a "very easy default password" which was used on "dozens" of accounts.
They claimed they were able to steal Auth0 tokens, Apple News API keys, and Amazon SES secrets after the first step.
Using these tokens, they claim to have created administrator accounts on the CMS systems, which were used to push out the notifications to Apple News, as reported by Bleeping Computer.
READ NEXT:
- Bombshell book claims Meghan Markle wanted to be rejected in 'obsessed' narrative
- Panicked Prince Harry is 'desperate to make late changes to £17m memoir'
- Prince Harry was 'addicted to Twitter' and fighting media 'long before he met Meghan'
- Queen's grave pictured for first time as she joins Prince Philip and her family at last
- 'Terrified' Harry cancelled meetings with William over fears his team would leak gossip
Source: Read Full Article
