Hackers who targeted The Guardian in a December ransomware attack accessed the personal information of journalists and other staff, the U.K.-based news outlet confirmed on Wednesday.
The media company’s executives informed employees of the update in an email, which described the hack as a “highly sophisticated cyber-attack involving unauthorised third-party access to parts of our network.” That notice went on to explain that the breach likely stemmed from an email phishing scheme, which got staff to download malware.
The Guardian is one of the largest and most read news publishers “across the pond,” both in print and online. In total, the media group employs about 1,500 staff— most based in the United Kingdom, according to Statista.
On December 20, the outlet first detected a “serious IT incident.” Staff at The Guardian’s U.K. office have been working from home after the hack incapacitated the company’s centralized network. The attack has apparently paralyzed everything from the office’s wifi to its cafeteria cash registers, according to a report from media start-up Semafor. “It’s been a total nightmare,” one unnamed Guardian employee told Semafor.
And that nightmare just keeps getting worse, based on today’s update. Not only are The Guardian’s workers operating under chaotic, subpar conditions, but also their own data was also caught up in the breach. It’s not clear exactly what type of employee information was hacked, or if the breach compromised any confidential sourcing information. Gizmodo reached out to The Guardian for comment and didn’t immediately hear back.
On the upside, though, the outlet’s execs have said they don’t believe the attack impacted the company’s U.S. or Australian offices. Further, the outlet has “no reason to believe” that the hackers accessed reader or subscriber data. And so far, none of that sensitive staff personal data has been found circulating online. Guardian executives told staff in the email.
Previously, The Guardian told staff its U.K. offices would remain closed until at least January 23, according to Semafor. But on Wednesday, the company noted that return to in-person work would be postponed (again) until at least early February. The outlet’s executives wrote that they expect some critical IT systems to be back up to snuff “within the next two weeks,” but repairing other systems will apparently take more time than that.
Cyber attacks and hacks have been on the rise in recent years, and 2022 was no exception. In the last few months of the year, the number of data breaches rose 70% compared with the quarter before, according to Infosecurity Magazine.