Reuters / (Adds North American targets, confirmation from Gigya)
LONDON/TORONTO Nov 27 (Reuters) – The websites of British and North American media organisations and retailer Wal-Mart’s Canadian unit were hacked on Thursday in a suspected attack by the Syrian Electronic Army, an amorphous hacker collective that supports Syrian President Bashar al-Assad.
Among media sites hit were London newspapers the Daily Telegraph, Independent and Evening Standard. The Canadian Broadcasting Corporation and New York Daily News also said they had fallen victim to the hack.
Users attempting to access certain parts of the attacked websites found a message that read “You’ve been hacked by the Syrian Electronic Army (SEA)” and were then redirected to the group’s logo, an image of an eagle bearing the Syrian flag and a message in Arabic.
The group posted on its Twitter feed, referring to Thursday’s U.S. Thanksgiving holiday: “Happy thanks giving, hope you didn’t miss us! The press: Please don’t pretend #ISIS are civilians. #SEA”
The affected companies said that their systems were safe.
Walmart Canada said some of its customers received an unusual pop up message, but that no systems were compromised nor customer data exposed.
CBC, Canada’s public broadcaster, also said the Syrian hacking group did not gain access to its systems or servers.
A Twitter account affiliated with the Syrian group posted an image on Thursday that appeared to show it accessed the GoDaddy account of gigya.com, a company that helps businesses identify those who visit their websites.
Gigya counts the NFL, NBA and NHL professional sports leagues, and media outlets including the CBC, CBS, NBC, Forbes, CNN, al Jazeera and Fox among its customers. It was not immediately clear how many of them were affected.
Gigya said a breach at its domain registrar, GoDaddy, resulted in traffic to its site being redirected, but that the problem had since been fixed.
GoDaddy did not immediately respond to requests for comment.
“To be absolutely clear: Neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised,” Gigya CEO Patrick Salyer said in a blog post.
The websites of companies such as the New York Times, the BBC, Reuters and Microsoft have been targeted by the SEA in the past, as have Twitter accounts of other media organisations. (Reporting by Michael Holden in London and Alastair Sharp in Toronto, additional reporting by Luciana Lopex in New York and Solarina Ho in Toronto; Editing by Tom Heneghan and Cynthia Osterman)
Con Información de Reuters