A Russian hacking collective has stolen a database of reader data from popular tech site CNET over the weekend, the site has confirmed.
“A representative from the group calling itself W0rm told CNET News in a Twitter conversation that it stole a database of usernames, emails, and encrypted passwords from CNET's servers,” CNET noted in its posting. “The database affects more than 1 million users.”
W0rm, which uses the Twitter handle @rev_priv8, tweeted a screenshot purportedly showing the contents of the CNET database. He or she said that a security hole in CNET.com's implementation of the Symfony PHP framework was the attack vector. For its part, CNET parent CBS Interactive noted that "We identified the issue and resolved it a few days ago. We will continue to monitor.”
CBS Interactive’s monthly web views, which includes CNET, topped 27.1 million US unique visitors on desktop and mobile in June 2014, according to comScore – making it the ninth-most visited collection of sites in the US.
Despite sending a tweet that the database is up for sale for 1 bitcoin ($622), W0rm said that he and his group were merely planning to raise awareness of endemic flaws in web security, with no plans to go through with the sale. The group has employed a similar ploy with claimed hacks of the BBC in late 2013, Adobe Systems and Bank of America.
"[W]e are driven to make the Internet a better and safer [place] rather than a desire to protect copyright," W0rm said via Twitter. "I want to note that the experts responsible for bezopastnost [security] in cnet very good work but not without flaws."
"It definitely can feel like a slap in the face to an organization to be hacked, but in reality, most of the time in circumstances like this it's actually a good thing," Robert Hansen, a web security expert at White Hat Security, told CNET. "W0rm was careful not to give the full path to the actual exploit, and informed the general public that the compromise occurred."