AP Warns Users of Popular Writing Style Guide about Phishing Attacks

The Associated Press (AP) recently issued a warning to users of a popular writing style guide, cautioning them about phishing attacks that have affected their personal information. This data breach has raised concerns over the security of sensitive data and highlights the need for heightened cybersecurity measures.

Background

The compromised personal information was stored in a database that was accessible on an old AP Stylebooks website. Although the website was no longer in use, it remained available online and was maintained by an external service provider, Stylebooks.com. This arrangement inadvertently exposed the stored personal information to unauthorized access.

Security incident

As a result of this security incident, the personal information of AP Stylebook’s customers stored on the outdated website was unlawfully accessed by an unauthorized third party. This breach implies that the compromised data may have been acquired by malicious actors for potentially nefarious purposes.

Discovery through phishing emails

The discovery of this security incident was the result of vigilant users who promptly alerted Stylebooks.com about suspicious phishing emails they had received. These fraudulent emails directed recipients to a counterfeit AP Stylebooks website that requested credit card details, raising suspicion and revealing the unauthorized access.

Timeline of the incident

Investigations into the breach have determined that the threat actor gained access to the old AP Stylebooks website during a specific timeframe. The incident occurred between July 16 and July 22, 2023, highlighting the importance of constant monitoring and timely detection of cyber threats.

Affected personal information

The personal information compromised in this breach includes the names, email addresses, street addresses, cities, states, zip codes, phone numbers, and User IDs of AP Stylebook customers. Additionally, it was discovered that when customers made purchases, the AP Stylebook website had also requested Tax Exempt IDs, where applicable. The records indicate that individuals who submitted a 9-digit number as a response may have exposed their Social Security Number or Taxpayer ID.

Potential exposure of Social Security numbers or taxpayer IDs

Considering the submission of a 9-digit number that corresponds to a Tax Exempt ID, the AP cannot rule out the possibility of inadvertent exposure of Social Security Numbers or Taxpayer IDs. This revelation raises concerns regarding the potential misuse and exploitation of this highly sensitive information.

Actions taken by AP

Upon discovering the phishing emails and unauthorized access to personal information, the AP promptly alerted all affected individuals. In an effort to safeguard their impacted customers, the AP is offering 24 months of complimentary credit monitoring and identity restoration services. These services aim to mitigate any potential long-term consequences of the data breach.

Impact and Targeting

While the incident impacted a relatively small number of individuals, approximately 224, it is important to note that journalists, in particular, are highly sought-after targets for cyber espionage. The nature of their work and access to sensitive information make them attractive targets for malicious actors. This incident highlights the urgent need for journalists and media organizations to prioritize robust cybersecurity measures.

The recent phishing attacks on users of a popular writing style guide underscore the importance of remaining vigilant in safeguarding personal information. The breach serves as a reminder that even seemingly dormant websites can pose significant security risks if not adequately maintained. Organizations must prioritize comprehensive cybersecurity measures to protect user data, and individuals must remain cautious and proactive in monitoring their online presence. By taking these steps, we can help ensure the security and privacy of personal information in an increasingly digital age.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable