It was tough to tell for sure if The Onion really had been hacked earlier this week or if it was all just a joke—but now it's explained exactly how its Twitter account was compromised by the Syrian Electronic Army.
Turns out Onion employees were phished three ways. First, they started getting emails like the one above from May 3rd. Sadly, those Washington Post links weren't quite the real deal. Instead, they linked to URLS which redirected to pages asking employees for Google Apps details, and then redirected back to their email. At least one employee fell for it. Oops. With access to an email account, the Syrian Electronic Army then sent out more email across the office—now from a trusted source—playing the same trick. Two more fell for it.
Then—after password changes were encouraged across the company—the hackers used another account they'd compromised to send out a phishing email which claimed to provide a password reset link. Two more employees fell for it—and one set of credentials allowed the hackers to assume control of The Onion's Twitter account.
Eventually, passwords were reset across each and every account within the company, but not before some fun was had on Twitter. The take home? Phishing attacks are easy to fall for—especially if you work at The Onion, seemingly—so stay alert. [The Onion]