A hacker is selling a database supposedly containing 83,000 compromised accounts from UPI.com, the website of the 110-year-old American news agency United Press International.
After being contacted by CyberScoop, UPI alerted its entire email subscriber base Tuesday and removed login pages and entire sections of its website.
For $100 (about 0.09 in bitcoin), a buyer gets emails, names and passwords in a database being sold on AlphaBay, the largest black market on the dark net. The passwords are hashed with the MD5 algorithm, an out-of-date technology with significant vulnerabilities. The seller himself had already cracked some of the passwords.
The listing boasts that the data has not yet been published anywhere else. The seller declined to provide details on the breach itself or the age of the information.
The seller, zerodark70, provided CyberScoop with a small handful of samples to verify that data. They contained usernames, real names, email addresses and encrypted passwords. The samples were incomplete, so the full extent of the data included is unclear. To verify the data, CyberScoop contacted victims of the dump who confirmed details within the database.
In the middle of the verification process, UPI removed the login page from the UPI Next section of the website. UPI Next is the global media development division of UPI and includes hundreds of international students and faculty.
The breached accounts also appear to include all of UPI’s of email subscribers, which amounts to tens of thousands, as well as their executives, journalists and other employees who have worked at UPI within the last several years.
Launched in 1907, UPI was one of the United States’ major news wires during the 20th century. UPI’s alumni list is long and distinguished, including Walter Cronkite, but the company shrank considerably in recent decades while the Associated Press grew to dominate the domestic market. Even so, journalists working at UPI still regularly interact with top U.S. officials in the defense and energy sector. Journalists are high-value targets for hackers in large part due to the fact that they keep close and active relationships with powerful individuals.
UPI was notably hacked in 2015 when attackers — a UPI IT director blamed the Syrian Electronic Army, a group credited with many previous hacks — hijacked the news agency’s Twitter account and announced that World War III had commenced. It took a couple of hours but UPI eventually issued a correction.