The Economist, the venerable British financial magazine and online media operation, had to warn its customers/readers that one of its vendors had been hacked. (Not a problem the founders faced when the magazine was first published in 1843.) Visitors to economist.com using Windows OS were targeted at the end of last month with malware disguised as an Adobe software update.
The Economist did not reveal how many computers the malware is believed to have affected. The infected vendor was a company called PageFair. PageFair offers a technology for online publishers that measures the effect of adblockers and serves users who block ads an appeal to turn them back on. The idea is publishers and readers have an interest in keeping the Internet free (that is, ad-supported).
[UPDATE: The Economist sent 2paragraphs the statement that appears below.]
On Oct. 31, 2015, one of economist.com’s vendors, PageFair, was hacked, affecting 501 of its publishing clients, including us. We know that the issue lasted 83 minutes before it was resolved by PageFair. We were informed on Monday morning that this had happened. We obtained a copy of the malware from PageFair in order to analyze it independently.
The specialist company we engaged, Tempest, informed us the software is a keylogger – a type of surveillance software that has the capability to record every keystroke made by someone who has downloaded the malware – and this may compromise a user’s personal data such as passwords and bank and credit card details. We have now taken action to inform our customers. Please note that economist.com’s own systems have not been compromised; therefore any data we hold on our customers remains secure.
The Economist takes cybersecurity extremely seriously and strives to maintain the highest level of protection for our customers.