The Associated Press (AP) has issued a warning regarding a data breach affecting its AP Stylebook customers, which subsequently led to targeted phishing attacks. This breach occurred on an old, inactive third-party-managed AP Stylebook site between July 16 and July 22, 2023, compromising data from 224 customers.
Furthermore, the stolen information includes names, email addresses, addresses, phone numbers, and even tax-exempt IDs like Social Security Numbers or Employer Identification Numbers. AP first became aware of the breach on July 20, 2023, after customers reported receiving phishing emails prompting them to update their credit card information. In response, AP took the compromised site and phishing attempts offline and notified customers to reset their passwords on the next login.
While the breach affected a relatively small number of customers, around 224, the credentials of journalists and media companies are highly coveted by cybercriminals. Gaining access to media networks can lead to various malicious activities, including extortion, ransomware attacks, data theft, and cyber espionage.
In the past, both local and global media outlets have fallen victim to ransomware and cyberespionage attacks, with notable examples like News Corp, the Philadelphia Inquirer, and German newspaper Heilbronn Stimme. AP has taken measures to mitigate further damage from this incident, but the incident serves as a reminder of the persistent threat cyberattacks pose to media organizations and their sensitive data.
The breach exposed significant personal and financial data, making it essential for the affected customers to reset their passwords and remain vigilant against potential phishing attempts.
Cybersecurity remains a critical concern for newsrooms and journalists worldwide, and this incident underscores the importance of robust security measures to protect sensitive information. AP continues to investigate the phishing attack, and further updates may follow as more details emerge about the incident.