The company said the incident is now being investigated, though it’s believed to be connected to a hack of its website on Sunday, which resulted in similarly displayed language.
WordPress Content Management System Hacked
A series of tweets revealed that Fast Company’s entire site was shut down late on Tuesday, Sept. 27, 2022, due to hackers breaching their content management system (CMS). The company’s WordPress tools were connected to an Apple News feed to automatically push news content to its subscribers. “Two obscene and racist push notifications were sent about a minute apart,” Fast Company tweeted. The news feed has now been shut down, Apple News said on Twitter. “An incredibly offensive alert was sent by Fast Company, which has been hacked. Apple News has disabled their channel.” A similar issue affected Fast Company on Sunday when abhorrent language caused it to shut down its website for approximately two hours.
Confusion Surrounding the Hack
Sources show that Fast Company was allegedly hacked over the weekend by a user known as “postpixel,” a member of the notorious BreachForums — a known gathering spot for dark web cybercriminals. Screenshots on the web showed Fast Company’s homepage defaced with a message, disappearing a few hours later. The message ridiculed Fast Company’s efforts to secure its systems, saying that using a password like “pizza” followed by a string of numbers across several accounts is disgraceful. “Don’t trust them [Fast Company] (or “Inc,” they’re owned by the same company Mansueto) with your viewership,” hackers said. What may have taken place is that hackers took advantage of the lack of multi-factor authentication in Fast Company’s WordPress CMS, and got access to admin accounts as well as Apple News configurations. CEO and Co-Founder of “@tryfragile” Zack Wynegar tweeted screenshots of the profane Apple News alerts, sent to users by a hacker under the alias “Thrax.” Wynegar pointed to the fact that, because Fast Company is also a financial publication, a hacker with this kind of access could have spammed users with cryptocurrency scams instead of obscenities. At the moment, however, Twitter feeds are quiet, Fast Company’s website is down, and so is the Apple News feed. Fast Company’s owner Mansueto Ventures LLC’s website is also unavailable, as is Inc[.] — another of Mansueto’s successful subsidiaries.
Cancel Culture, Anti-Minority Activism, Teenagers?
It is difficult to pinpoint exactly what took place as the incident is still under investigation. However, Fast Company’s Twitter followers harbored a host of opinions on the matter. Some waved off the incident as done on purpose by the purportedly “edgy” magazine to garner attention, while others exclaimed this was an attack against African Americans and the LGBT community. A commenter on The Washington Post even went so far as to point the finger at pro-Trump “MAGA insurrectionists.” More users said teenagers were likely behind the attack to simply cause chaos. Another noted that MSNBC cable television host Joy-Ann Reid’s website was hacked recently and spammed with anti-LGBT content. This is not the first time we’ve covered cybersecurity incidents that revolve around obscenities and hate speech. On Sept. 5, 2022, major internet hosting and cybersecurity service provider Cloudflare cut all ties with the notorious anti-trans community forum Kiwi Farms due to dangerous content posing a threat to human life. Content management systems like WordPress are a big target for cybercriminals, as millions of organizations and brands, Fast Company notwithstanding, use it to build their websites. To find out where cybercriminals gather and share stolen data like account passwords, check out our full guide to the dark web. While browsing Apple’s News feeds, remember to secure your own internet traffic with one of our top VPNs for the iPhone.
