British newspaper The Guardian has confirmed that cybercriminals accessed the personal details of U.K. staff members during a ransomware attack last month.
The Guardian confirmed the data breach in an update emailed to staff on Wednesday, which the newspaper reported shortly after. The email, signed by the news outlet’s chief executive Anna Bateson and editor-in-chief Katharine Viner, told employees that the cyberattack involved “unauthorised third-party access to parts of our network,” and was likely triggered by a phishing attempt, but they did not elaborate further.
Phishing is a common tactic employed by attackers and has been blamed for recent data breaches at Twilio, DoorDash and Bed Bath & Beyond.
The Guardian warned U.K. staff that attackers had accessed their sensitive personal information. The newspaper has approximately 1,500 employees around the globe — with 90% in the United Kingdom.
A spokesperson for The Guardian told TechCrunch that it confirmed “all U.K. staff are affected” by the breach, and data accessed “may include human resources data collected as part of everyone’s employment at The Guardian.” The spokesperson confirmed that employee names, addresses, national insurance numbers, government identity documents and salary details were compromised, as first reported by The Record.
The company added that it had no reason to believe the personal data of readers and subscribers had been accessed, nor does it believe that hackers accessed the personal data of staff in the U.S. or Australia.
But there remain several unknowns about the cyberattack, such as who was responsible and whether The Guardian paid a ransom demand.
The Guardian first confirmed that it had been hit by a ransomware attack on December 21. At the time, staff were told to work from home until at least January 23 as the organization battled with “behind the scenes” disruption. The newspaper said that while it expects some critical systems to be back up and running “within the next two weeks,” a return to office working by U.K. staff has been postponed until early February.
https://techcrunch.com/
CircleCI, a company whose development products are popular with software engineers, has urged users to rotate their secrets following a breach of the company’s systems. The San Francisco–headquartered DevOps company said in an advisory published late Wednesday that it is currently investigating the security incident — its most recent in recent years. “We wanted to make you […]
In late April, police in Nebraska received a tip saying 17-year-old Celeste Burgess had given birth to a stillborn baby and buried the body. Officers soon learned that her mother, Jessica Burgess, and a friend had helped her with transportation and burial. The police issued citations for concealing the death of another person and false reporting. But […]
With a major United States intelligence authority set to expire at the end of the year, and a congressional showdown brewing over whether or not to renew it, new details of an internal audit show that US Federal Bureau of Investigation (FBI) personnel have repeatedly conducted unlawful searches of data collected under the imperiled surveillance authority. Agents […]
Leave a Reply