Cyber Incident Victim: Forbes

On February 14, 2014, the Syrian Electronic Army (SEA) compromised Forbes.com’s publishing platform, stealing user data and defacing the website. The attackers breached Forbes’ WordPress-based backend, accessing over one million user email addresses and encrypted passwords, which they claimed would be published later. The SEA publicly announced the intrusion on social media, displaying screenshots of Forbes’ internal systems as evidence. They also posted a fabricated article titled "Hacked by the Syrian Electronic Army" on Forbes.com, though it was subsequently removed. The group cited Forbes’ alleged "hate for Syria" and "flagrant" anti-Syrian articles as motivation for the attack. This incident aligned with the SEA’s pattern of high-profile cyber intrusions, including prior breaches of Viber, Thomson Reuters, the Onion, BBC, and Microsoft accounts. Forbes confirmed the compromise in a Facebook statement, noting the publishing platform and website were targeted but clarifying that passwords remained encrypted despite email exposure.

Forbes responded by urging users to change their passwords on its platform and any other sites where they reused credentials, emphasizing precaution due to the potential data exposure. The company notified law enforcement and issued a public apology to its community, characterizing the breach as a serious matter. No additional fraudulent articles beyond the initial "Hacked" post were observed on the site after its removal. The SEA’s spokesperson reiterated to IBTimes that the attack was a direct response to Forbes’ editorial stance on Syria. While Forbes did not disclose technical details about the attack vector or duration of unauthorized access, its acknowledgment confirmed the SEA’s core claims regarding data theft and temporary website defacement. The incident underscored operational risks to media entities from politically motivated threat actors targeting perceived biases in coverage.