OSNews Suffered 'Likely' Data Breach, Contemplated Going Offline Permanently

hmckee writes: OSNews was offline for a few days for upgrades. It is now back up with a message that indicates they encountered a data breach and considered going offline for good due to maintenance and financial difficulties. 'Our best guess is that someone was able to exploit a vulnerability in old, unmaintained code in the site's content management system, and made off with at least some user data, which may be as little as a few user records or, at worst, our entire database,' writes Publisher David Adams. 'Your email addresses were in there, and the encryption on the passwords wasn't up to modern standards (unsalted SHA1). Other than potential spam, though, we're not aware of any other nefarious use of your data, we don't store much beyond email addresses and passwords...' David goes on to cite poor advertising revenues and a lack of time for reasons to throw in the towel and go offline permanently.

Read more of this story at Slashdot.