If you’re a news junkie there’s a good chance you check NewsNow frequently. You might even have an account with this aggregated news content service which gives you the latest lowdown in even the most obscure of areas.
If so, you probably won’t be happy to hear account passwords have been hacked.
Somewhat ironically, but not surprisingly, NewsNow has not made the news public.
Rather it has sent out emails to account holders informing them about the ‘believed’ hack.
Hacked or not hacked?
In the mail it says: “… we believe it is possible that an encrypted version of your password may have been accessed. While we do not have concrete evidence that this has happened, the possibility cannot be completely ruled out.”
In an effort to dampen down any sense of rising panic among its account holders it adds: “Since it would not be straightforward to for anyone to decipher your actual password… we think the likelihood of anyone taking the trouble to decipher your password is minimal.”
This statement is disingenuous and eyebrow raising too. Of course for the average person deciphering passwords is unlikely to be the biggest focus of their everyday life.
NewsNow doesn’t specify what sort of encryption was used to ‘secure’ passwords. But for your average cyber fraudster passwords, encrypted or not, can be a goldmine.
Encrypted passwords can be unencrypted by skilled hackers and sold off in the dark web.
That said, sensing the potential for disaster NewsNow advised its account holders:
- We would strongly recommend that, if you have used your existing NewsNow password on any other websites or online services, you change those now.
- We would also encourage you to continue to take all usual precautions such as ignoring and deleting spam and unsolicited emails, and in particular avoiding opening unsolicited email attachments; use strong passwords, avoid using the same passwords for multiple websites or online services.
This of course is good sense. If you do have a NewsNow account and it has been hacked it’s probably only a matter of time before passwords are cracked.
At some point account holders are likely receive phishing mails of various descriptions as fraudsters try and squeeze some value from the email addresses.
Hopefully, most people will identify and bin these mails. But fraudsters only need a small percentage to fall for the mails in order to strike gold.
Finally, while NewsNow has tried to handle the hack in a low key diplomatic manner it has clearly had its fingers scorched.
- It has now done away with password-based access.
- In future users will enter their email address into a form, and will then receive an email containing a link that will log them into the NewsNow system.
If you want to protect your passwords, email addresses and other personal information check this link