Pfizer’s Facebook hacked in AntiSec hit
The AntiSec campaign rumbles on with a new group going under the moniker of the Script Kiddies joining in.
Pfizer, the biggest research-based pharmaceutical company in the world, had its Facebook page hacked this week.
The firm was not forthcoming on how the hack took place but a group known as the Script Kiddies has taken credit for the hit.
“We have been working with Facebook to understand what happened so we can guard against it in the future,” Pfizer said on its recovered Facebook page.
“Thank you for your patience while our page has been down, and we are pleased to be sharing our news with you once more.”
Security blunders by PR companies or contractors can quickly become the stuff of legend.
A note left on the Facebook page read: “The guy in charge of this Facebook. Hint for next time: protect this company with a LITTLE better security. One Google search and I’m in.”
A Twitter post from the Script Kiddies said: “So apparently, the articles are all claiming the security breach on Pfizer's page was Facebook's fault? No... thank Pfizer and Pfizer only.”
The group said it hacked the Facebook account for moral reasons.
Sophos' Paul Ducklin suggested the hackers got in by simply guessing the password of someone at Pfizer's PR company who had access to the Facebook page.
"Initiating, noticing, receiving, sifting and replying to online interactions swiftly is what a modern PR company is supposed to be good at," he said in a blog post.
"But if you do this, you don't just need to trust your flacks to be creative communicators. You need to trust them to be at least as good at computer security as you are... Security blunders by PR companies or contractors can quickly become the stuff of legend."
The AntiSec campaign has claimed attacks on mainly Government bodies, but evidently private organisations are under threat also.