In the past few years, there have been some pretty significant data breaches that have occurred.  From the SolarWinds attack - to most recently an attack on Microsoft and Otka – several critical and large companies have been compromised by sophisticated cybersecurity attacks. But cybercriminals proved to have no boundaries when it was discovered by tech website Gizmodo that even the National Spelling Bee website was hacked.

Gizmodo first learned of the attack in February, when a mandatory data breach filing was submitted to the California Attorney General’s Office. According to the notice, an attacker used a previously unknown vulnerability to infiltrate spellingbee.com on January, 12. In the breach, the attacker stole user login credentials. Spellingbee.com is largely a resource portal for parents, sponsors and teachers of competing students.

Michael Perry, Senior Director for External Communications at Scripps, revealed that tens of thousands of email addresses had been exposed as a results of the hack. “According to public filings, roughly 54,800 email addresses were vulnerable. An undetermined number of those were old and/or inactive,” he said. It wasn’t clear if the email addresses had been used as usernames also, or if those were stored separately.

After learning of the in breach, Scripps hired a digital forensics firm to investigate and they also contacted law enforcement. The Spelling Bee website was quickly patched as well. “We took swift and appropriate action, including disabling passwords. We notified all affected users,” Perry said.

Scripps has advised their users to change their passwords.

Perry says that not many have reached out to the Spelling Bee with concerns regarding the incident. “The company received a handful of calls or emails after users were notified [of the hack]. We responded to each, and there were no further concerns expressed.”

The National Spelling Bee is the most well-known competition of its kind. Last year, Zaila Avant-garde made history as the first Black American contestant to win by spelling the word “Murraya”.

Hacking the Spelling Bee website might seem like a low point for cybercriminals, and it is. However, with attacks on hospitals, schools, non-profits and charities – attackers have already proven they’ll stop at nothing to take advantage of unsuspecting victims.

Story via Gizmodo