Cyber Incident Victim: NewsNow

NewsNow, an online news aggregation service, experienced a security breach disclosed via email to users on or before September 25, 2018. The company did not publicly announce the incident through its website or social media channels at the time of disclosure. In the email notification titled "Update on your account security," NewsNow stated that while the breach had been resolved and security measures strengthened, an encrypted version of user passwords might have been accessed during the incident. The organization clarified there was no concrete evidence confirming password compromise but acknowledged the possibility couldn't be entirely eliminated. NewsNow emphasized that deciphering the encrypted passwords would be technically challenging and noted the platform didn't store sensitive personal data like payment information, suggesting limited immediate risk to users. As an immediate containment measure, the company forcibly signed out all active users and implemented fundamental changes to its authentication system.

The breach prompted NewsNow to completely eliminate password-based authentication from its platform. The company transitioned to an email-based login system where users enter their email address and receive an authentication link to access their accounts. This architectural shift transferred partial security responsibility to users' email providers, with NewsNow explicitly advising users to secure their email accounts. The organization recommended password changes for any external services where users might have reused their NewsNow credentials. While the exact breach timeline and intrusion methods remained undisclosed, the incident resulted in permanent operational changes to NewsNow's authentication framework. The company's response focused on reducing future attack surface by removing password storage entirely rather than enhancing existing credential protection measures.