WSJ Owner, News Corp, Admits Hackers Breached Network for 2 Years

The threat actors had access to News Corp between Feb. 2020 and Jan. 2022.

The threat actors who broke into News Corp, the company behind the Wall Street Journal and other news outlets, were reported to have had access to the network for around two years.

In February 2022, News Corp acknowledged that it had detected a security breach a month earlier and that hackers had accessed employee data on a third-party cloud service.

But recently, Ars Technica reported that the business has sent a breach notification letter to at least one affected employee.

New Corp And Some Of Its Journalists Targeted In Cyberattack
NEW YORK, NEW YORK - FEBRUARY 04: People walk past 1211 Avenue of the Americas the headquarters for News Corp on February 04, 2022 in New York City. The global media company and owner of Fox News and The New York Post announced that in January it suffered a cyberattack which it believes China was behind. The company said that hackers targeted an IT provider which resulted in the theft of unspecified data. Spencer Platt/Getty Images

Unauthorized Party

News Corp acknowledged that between February 2020 and January 2022, "an unauthorized party" managed to gain access to business files and emails in some employees' accounts.

The security company Mandiant which looked into the attack claims that the threat actor may be associated with the Chinese government when News Corp reported the breach.

Furthermore, it claimed that the company was probably attacked in order to obtain information for the nation. A representative for News Corp. said in an email to Ars that the company continues to believe that this was an "intelligence collection," but did not address the topic of whether investigators still believe the hackers were from China.

Sensitive Data Breach

The business disclosed in the letter that the criminals may have obtained employee names, birth dates, Social Security numbers, driver's licenses, and passport numbers, as well as their financial and health insurance.

But News Corp noted that not all of this information affected the individuals whose data was breached.

News Corp stated that it has not yet heard of any incidences of identity theft or fraud as a result of the security breach, but it is providing two years of identity protection and credit monitoring to the affected employees.

"As soon as we became aware of the activity, we notified U.S. law enforcement and launched an investigation with the assistance of a leading cybersecurity firm. We also promptly took steps to contain the activity. Based on the investigation to date, we have no evidence of ongoing unauthorized access to our systems," News Corp wrote in the letter.

"We take our obligation to safeguard personal information very seriously and are alerting you about this issue so you can take steps to help protect yourself."

News Corp also told the addressee in the letter that they are entitled to US law to one free credit report annually from each of the three nationwide consumer reporting agencies.

Byline
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics