In its latest breach of a highly trafficked website, the Syrian Electronic Army has published a database that it says contains login credentials for 1 million users of business publication Forbes.com. Forbes confirmed the attack Friday, but stopped short of saying how many credentials had been compromised. "Users' email addresses may have been exposed," Forbes wrote. "The passwords were encrypted, but as a precaution, we strongly encourage Forbes readers and contributors to change their passwords on our system, and encourage them to change them on other websites if they use the same password elsewhere."
It's unclear how the SEA gained access to the data, though on Twitter the hackers blamed a Forbes social media manager. Forbes said it had notified law enforcement about the breach. The attackers also gained access to Forbes' publishing system, altering at least three stories on the publication's website, according to Re/code. Attackers also posted "Hacked by the Syrian Electronic Army" on the site. The Forbes blog was still down Saturday afternoon, though the rest of the site appeared to be functioning normally.