News Corp acknowledges two years of system access by hackers
Hacker work front of his laptop computer with dark face.

News Corp acknowledges two years of system access by hackers

The Wall Street Journal and other news organisations are owned by News Corp., and it appears that the threat actors that entered the corporation had access to its network for two full years. News Corp. disclosed in February of last year that it had identified a security compromise a month earlier and that hackers had broken into a third-party cloud service containing employee information. Ars Technica reports that the corporation has now delivered a breach notification letter (PDF) to at least one impacted employee. In it, the corporation admits that between February 2020 and January 2022, “an unauthorised party” got access to corporate documents and emails in some workers’ accounts.

When News Corp. reported the hack, the security firm (Mandiant) that examined it indicated the threat actor was linked to the Chinese government. It went on to say that the firm was most likely targeted in order to acquire intelligence for the country. In an email to Ars, a spokesman stated that News Corp. believes “that this was an intelligence gathering,” but did not answer to a query about whether investigators still believe the hackers were connected to China.

Yet, according to the letter, the bad actors may have obtained employees’ names, birth dates, Social Security numbers, driver’s licence and passport numbers, as well as financial, medical, and health insurance information. “Not all of this information was affected for each affected individual,” the statement continued. Although News Corp. has not received any reports of identity theft or fraud as a result of the security compromise, it is providing impacted workers with two years of identity protection and credit monitoring.

“Our investigation indicates that this activity does not appear to be focused on the exploitation of personal information,” News Corp. stated in its letter. It did not, however, identify the contents of the papers and emails that the threat actors could access, or whether they were deliberately seeking able to access, or whether they were deliberately seeking for material related to the company’s reporting.