Harsh Security Standards May Lead to More Security Breaches If you need proof that any industry can be the victim of a breach, I think the recent network hack of PR Newswire covers it. PR Newswire is a major marketing source for companies of all sizes, sending out press releases and coordinating other communications efforts. […]
Harsh Security Standards May Lead to More Security Breaches
If you need proof that any industry can be the victim of a breach, I think the recent network hack of PR Newswire covers it. PR Newswire is a major marketing source for companies of all sizes, sending out press releases and coordinating other communications efforts. For the enterprise, a company like PR Newswire gets your brand out in front of customers. For writers like me, it provides ideas and sources for articles and blogs.
This breach compromised usernames and encrypted passwords of thousands of customers who use the services. According to Krebs on Security:
The stolen data was found on the same Internet servers that housed huge troves of source code recently stolen from Adobe Systems. Inc., suggesting the same attackers may have been responsible for both breaches. Date and time stamps on the stolen files indicate that breach at PR Newswire occurred on or after March 8, 2013.
One of the people who discovered the breach, Alex Holden, CISO at information security services company Hold Security, told SC Magazine that he doesn’t understand why PR Newswire was targeted, as no financial records were at stake. But Aaron Titus, CPO at Identity Finder, says that this attack could lead to corporate identity fraud.
While we often think of identity fraud as a consumer problem, corporate identity fraud can have devastating effects on businesses, markets, and even public health. In this case, PR Newswire was concerned that a malicious third party could use the stolen information to impersonate their customers, potentially causing official-looking (but fraudulent) press releases to be sent in the name of customers like Chevron, Procter & Gamble, General Motors, and the World Health Organization (WHO). It is easy to imagine the havoc that could be caused by such corporate identity fraud.
Titus makes a good point. While the most logical reason for a breach might not be clear immediately, you can be sure the bad guys have a reason for gathering whatever information they can mine.
Since it was alerted of the breach, PR Newswire has asked its customers to reset their passwords as a precaution.
Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
