The career section of The Washington Post’s website has been hacked, exposing 1.3m user IDs and email addresses of job applicants.
The hack occurred on 27 June and 28 June in “two brief episodes” affecting the job listings and CV submission sections of the site, according to The Washington Post.
A spokesperson for the newspaper said the reason it delayed telling people about the hack was because it wanted to make sure it had “a complete understanding as to what had happened and the potential consequences” before making a statement.
While emails and user IDs were compromised, no passwords or other personal details were affected. The Washington Post warned that job applicants may receive junk mail and spam aiming to get personal information as a result of the hack.
The newspaper is working with the authorities to pursue the matter and said it has implemented “new security measures” to prevent this from happening again.