The Associated Press warns of a data breach affecting AP Stylebook customers, where attackers used stolen data to carry out targeted phishing attacks.
The AP Stylebook is a commonly used guide to grammar, punctuation and writing by journalists, magazines and newsrooms around the world.
This week, Associated Press warns An obsolete third-party managed AP Stylebook site was hacked between July 16th and July 22nd, 2023, potentially exfiltrating the data of 224 customers.
Stolen information includes the customer’s name, email address, address, city, state, zip code, phone number, and user ID. For customers who entered tax-exempt IDs such as Social Security numbers or employer identification numbers, those IDs were also stolen.
The Associated Press said it first learned of the potential data breach on July 20, 2023, after AP Stylebook customers reported receiving phishing emails that said they needed to update their credit card information.
Upon learning of the phishing attack, AP took the old site and phishing offline to prevent further attacks.
At the end of July, the company began warning AP Stylebook customers of a phishing attack, warning that the emails were coming from “support@getscore.my”.[.]id with a subject like “About AP Stylebook Order Number. July 20, 2023 06:48:20 am”.
The Associated Press also requires all AP Stylebook customers to reset their passwords the next time they log in.
While this was not a major data breach and only 224 customers were affected, the login credentials of journalists and media companies are highly coveted by cybercriminals.
Access to media company networks can lead to a variety of attacks, including extortion and ransomware attacks, data theft, and cyber espionage.
In the past, local and global media outlets such as News Corp, Philadelphia Inquirer, and German newspaper Heilbronn Stimme have fallen victim to ransomware and cyberespionage attacks.
BleepingComputer reached out to The Associated Press to learn more about the phishing attack. We’ll update this article once we know more.