British newspaper The Guardian has confirmed that cybercriminals accessed the personal details of U.K. staff members during a ransomware attack last month.
The Guardian confirmed the data breach in an update emailed to staff on Wednesday, which the newspaper reported shortly after. The email, signed by the news outlet’s chief executive Anna Bateson and editor-in-chief Katharine Viner, told employees that the cyberattack involved “unauthorised third-party access to parts of our network,” and was likely triggered by a phishing attempt, but they did not elaborate further.
Phishing is a common tactic employed by attackers and has been blamed for recent data breaches at Twilio, DoorDash and Bed Bath & Beyond.
The Guardian warned U.K. staff that attackers had accessed their sensitive personal information. The newspaper has approximately 1,500 employees around the globe — with 90% in the United Kingdom.
A spokesperson for The Guardian told TechCrunch that it confirmed “all U.K. staff are affected” by the breach, and data accessed “may include human resources data collected as part of everyone’s employment at The Guardian.” The spokesperson confirmed that employee names, addresses, national insurance numbers, government identity documents and salary details were compromised, as first reported by The Record.
The company added that it had no reason to believe the personal data of readers and subscribers had been accessed, nor does it believe that hackers accessed the personal data of staff in the U.S. or Australia.
But there remain several unknowns about the cyberattack, such as who was responsible and whether The Guardian paid a ransom demand.
The Guardian first confirmed that it had been hit by a ransomware attack on December 21. At the time, staff were told to work from home until at least January 23 as the organization battled with “behind the scenes” disruption. The newspaper said that while it expects some critical systems to be back up and running “within the next two weeks,” a return to office working by U.K. staff has been postponed until early February.
https://techcrunch.com/
The Housing Authority of the City of Los Angeles, or HACLA, has confirmed it is investigating a cybersecurity incident shortly after the LockBit ransomware gang claimed responsibility for a cyberattack on the agency. HACLA, which provides affordable housing to more than 19,000 low-income families across Los Angeles, was added to LockBit’s dark web leak site on […]
The U.S. Supreme Court has declined to block a lawsuit brought by WhatsApp challenging the alleged mass phone hacking by Israeli spyware maker NSO Group. Meta-owned WhatsApp first filed a suit against NSO Group in 2019 claiming the spyware maker exploited an audio-calling vulnerability in WhatsApp to stealthily deliver its Pegasus phone spyware onto users’ […]
etailed tactical plans for imminent police raids, confidential police reports with descriptions of alleged crimes and suspects, and a forensic extraction report detailing the contents of a suspect’s phone. These are some of the files in a huge cache of data taken from the internal servers of ODIN Intelligence, a tech company that provides apps and […]
Leave a Reply