Lewis Dvorkin, the chief product officer at Forbes, writes about how the business magazine reacted when it discovered its website had been hacked last week by the Syrian Electronic Army.
Dvorkin writes, “We took quick action on Thursday to lock down the platform, limiting our ability to publish. We made what we thought were corrective adjustments, then reopened the system for staffers and contributors to continue their work. Hours later, it became clear the attack was continuing. Once again we locked down the platform, making additional modifications. It was reopened for the overnight hours. Friday morning brought more of the same, so we decided to shutdown the normal publishing process for the holiday weekend.
“On both Thursday and Friday (and throughout the weekend), Forbes.com itself remained continuously available to the public. Traffic on Thursday was normal for a weekday, as it was for a Friday before a Monday holiday (archival content accounts for an increasing share of our usage). On Friday, we took steps to map computers in our New York office to a ‘safe haven’ server so staff reporters could publish. We set up a special email box for contributors to drop their posts. FORBES producers would grab them and publish them to the contributor’s page. Our loyal contributors eagerly participated in the make-shift process.
“Communication with our audience and contributors became critical, though separating threat from fact took time. We used our Twitter and Facebook pages to notify registered readers of Forbes.com that their email addresses may have been exposed (again, it’s now been confirmed they were). We also published a headline on the Forbes.com home page. Even though passwords used by consumers to log on to Forbes.com were encrypted, we strongly encouraged that they be changed when sign-on became available again. We were in contact with contributors through email and other means.”
Read more here.