Web surfers hoping to watch some hockey highlights or Jimmy Fallon clips on Thursday received a nasty shock in the form of a pop-up message stating that the websites had been hacked by the Syrian Electronic Army. The message could be seen on several large media and entertainment websites Thursday, including NBC, the Independent, and NHL.com, the New York Times reports.

Fortunately for the media companies, the websites themselves were not actually hacked. According to the Times, the Syrian hackers instead exploited a vulnerability in the DNS settings of Gigya, a service that many large websites use to handle comments and social media logins, to make it appear as if the sites had been compromised. Gigya says the glitch has now been repaired.

“To be absolutely clear: neither Gigya’s platform itself nor any user, administrator or operational data has been compromised and was never at risk of being compromised,” said Gigya’s CEO Patrick Sayler, in a blog post. “Rather, the attack only served other JavaScript files instead of those served by Gigya.”

The attack is an embarrassment for Gigya, who provides its services to over 700 firms worldwide and processed over 1 billion logins this year, according to Gigaom. The San Francisco company also just raised $35 million in venture capital.

“Gigya has the highest levels of security around our service and user data,” said Sayler. “We have put additional measures in place to protect against this type of attack in the future.”

The attack is only the latest from the Syrian president Bashar al-Assad backing Syrian Electronic Army. The group, which is believed to be run will official government approval, has also recently hit PayPal, Microsoft and Facebook with similar cyber attacks.