The business publication Fast Company said its website will remain offline until it can be sure that hackers no longer have access to its content management system.
The statement came nearly 24 hours after an unknown person gained unauthorized access to the WordPress portal used by Fast Company to publish its magazine articles and other content on the Internet.
The incident became widely known after users of Apple News received a series of profane push alerts with language not normally included in Fast Company articles. The alerts appeared to be linked to at least two stories that were vandalized on the Fast Company website, which contained similar language.
An editor at Fast Company told The Desk on Tuesday it was working to restore the vandalized articles to their original state. But the company ultimately decided to pull its entire website from the Internet after a purported hacker posted a lengthy manifesto in which they claimed the company was relatively easy to compromise.
Among other things, the hacker claimed Fast Company’s content management system and associated databases were not secure. The hacker, who went by the name “postpixel,” said a company administrator allegedly used an easy-to-guess password that started with the word “pizza,” followed by a string of consecutive numbers.
“What an absolute disgrace of a news source, and one that I would personally avoid due to how little they care about user security,” the hacker wrote.
On Wednesday, Fast Company said its website will remain offline until it can be sure its systems are fully secure. The organization said it has retained “a leading global incident response and cybersecurity firm” to assist with its investigation and the aftermath of the attack.
“Fast Company regrets that such abhorrent language appeared on our platforms and in Apple News, and we apologize to anyone who saw it before it was taken down,” a spokesperson for the publication said.
Fast Company content will continue to be published on its Facebook, Twitter and Instagram profiles.