This article was published on August 15, 2013

Outbrain takes recommendation widget service offline after breach compromises Washington Post, others


Outbrain takes recommendation widget service offline after breach compromises Washington Post, others

Outbrain has disabled its content recommendation service after a security breach compromised the websites of several prominent clients. The Syrian Electronic Army (SEA) has taken credit for the attack, which is believed to have affected the Washington Post, Time and CNN.

Outbrain issued the following email to explain the outage:

Earlier today, the Outbrain service was hacked and we took down service as soon as it was apparent. The breach now seems to be secured and the hackers blocked out. However, we are keeping the service down for a little longer until we can be sure it’s safe to turn it back on securely. Updates will be posted at techblog.outbrain.com.

The Post and other publishers utilize Outbrain provide a widget of sponsored links on their sites. The SEA appears to have gained access to Outbrain’s system and manipulated it to maliciously redirect links.

The SEA has been active in its attacks as of late. Earlier this week, it gained access to SocialFlow’s social media accounts.

Update: Outbrain says it has secured its network and plans to resume service soon:

We have now secured the Outbrain network verifying the integrity of our code and blocking all external access to our systems. We have also restored system settings to their state prior to the attack.

We expect to resume service in the next few hours. We will let you know when the service is fully restored.

Update 2: Outbrain says service has been fully restored.

Image credit: Fuse

Get the TNW newsletter

Get the most important tech news in your inbox each week.