EurekAlert, a science press release service by the American Association for the Advancement of Science has been hacked and the usernames and passwords of several media users have been stolen.
In a message on the website, AAAS director Ginger Pinholster said, “An aggressive September 9 attack on the EurekAlert! website compromised registrants’ usernames and passwords, and resulted in the premature release of two embargoed news releases.”
Aplogizing for the attack, he said, “We deeply regret the inconvenience that this hack has caused.”
The AAAS team is trying to restore archives, dating to 1996, back online…We look forward to re-launching a greatly improved and more robust EurekAlert! website, which will offer enhanced protection against attacks,” he said.
Here’s the full text of the message:
September 15, 2016 / 12:25 p.m. EDT
Dear EurekAlert! Registrants,
As you know, an aggressive September 9 attack on the EurekAlert! website compromised registrants’ usernames and passwords, and resulted in the premature release of two embargoed news releases. The integrity of EurekAlert!’s content and infrastructure remains our primary concern at AAAS. We deeply regret the inconvenience that this hack has caused, and we are taking deliberate steps to restore and strengthen the system.
The AAAS team has been working around the clock to bring EurekAlert! and its vast and unique science-news archive, dating to 1996, back online. We are doing so in a planned and methodical way so that when we do re-launch the site, we will be better-positioned to thwart future attacks. We have rebuilt the EurekAlert! system environment and will continue to put it through intensive cyber-security testing until we are confident that it meets the high level of security and integrity that you have come to expect from EurekAlert!. After the site is re-launched, all registrants will be prompted to create a new password that meets modern standards for password complexity. We are currently optimistic that all of this can be achieved by the weekend.
We recognize that the September 9 hacking incident has caused significant inconveniences for thousands of registered journalists and public information officers who work to communicate science to the public. We look forward to re-launching a greatly improved and more robust EurekAlert! website, which will offer enhanced protection against attacks. We remain grateful for the continuing support of our community.
Chief Communications Officer and Director, Office of Public Programs
American Association for the Advancement of Science
firstname.lastname@example.org / 202-326-6421