Threat actors infiltrate News Corp., the company that owns it The Wall Street Journal and other news outlets, apparently had access to its network for two full years. In February last year, News Corp. that they discovered a security breach a month ago and that hackers got into a third-party cloud service that contained employees’ information. Now, according to Ars Technica, the company sent a breach notification letter (PDF) to at least one affected personnel. In it, the company admitted that “an unauthorized party” gained access to business documents and emails in some employees’ accounts between February 2020 and January 2022.
When announced by News Corp. breach, the security firm (Mandiant) that investigated the intrusion said it believed the threat actor was connected to the Chinese government. In addition, it said that the company was probably attacked to gather intelligence for the country. In an email to Arsa representative said that News Corp. continued to believe “that it was intelligence gathering,” but did not respond to a question asking whether investigators still thought the hackers were linked to China.
The company disclosed in the letter, however, that bad actors may have obtained employees’ names, dates of birth, Social Security numbers, driver’s license and passport numbers, as well as their financial , medical and health insurance information. “Not all of this information is affected for every affected individual,” it added. News Corp. said they have not heard of any incidents of identity theft or fraud as a result of the security breach so far, but it is offering affected employees two years of identity protection and credit monitoring.
“Our investigation shows that this activity does not appear to be aimed at exploiting personal information,” News Corp wrote. However, it did not reveal the details of the documents and emails accessed by the threat actors, and it did not say if they were specifically looking for information connected to the company’s reporting.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you purchase something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publication.