The Washington Post is currently investigating a cyberattack that targeted the email accounts of some of its journalists. The intrusion was discovered on Thursday, prompting an immediate investigation and a mandatory password reset for all employees as a precautionary measure. According to an internal memo from Executive Editor Matt Murray, the newspaper believes the impact was limited to the email accounts and did not affect other Post systems or customer data.
The cyberattack specifically compromised Microsoft accounts belonging to Post journalists.
Reports indicate that this could have given the intruders access to work emails. The affected journalists included those on the national security and economic policy teams, with some reporting on China. This suggests a potentially sophisticated attacker with specific targets within the news organization.
The Wall Street Journal, which initially reported on the breach, suggested that a foreign government might be responsible for the attack.
This aligns with a previous incident in 2022 where News Corp, the publisher of the Wall Street Journal, experienced a similar breach that compromised the email accounts and data of an unspecified number of its journalists.
These incidents highlight a growing concern about cyberattacks on media organizations, particularly those targeting journalists who cover sensitive topics. Such breaches not only risk exposing confidential sources and ongoing investigations but also raise questions about press freedom and national security. The ongoing investigation by the Washington Post aims to determine the extent of the damage and identify the perpetrators.
Reference:
