Early last year, NewsCorp – the media giant which publishes well-known products such as The Wall Street Journal, HarperCollins, The Times & The Sunday Times, and the New York Post announced that they had identified a breach in their network.
In a filing with the US Securities & Exchange Commission (SEC), NewsCorp state:
“In January 2022, the Company discovered that one of these systems was the target of persistent cyberattack activity. Together with an outside cybersecurity firm, the Company is conducting an investigation into the circumstances of the activity to determine its nature, scope, duration and impacts. The Company’s preliminary analysis indicates that foreign government involvement may be associated with this activity, and that data was taken. To the Company’s knowledge, its systems housing customer and financial data were not affected. The Company is remediating the issue, and to date has not experienced any related interruptions to its business operations or systems. Based on its investigation to date, the Company believes the activity is contained. At this time, the Company is unable to estimate the expenses it will incur in connection with its investigation and remediation efforts.”
The breach had affected business email systems and a cloud-hosted document storage area and a number of personnel had been impacted in that personal data had been obtained by the attackers. This data included:
- Names
- Dates of birth
- Social Security numbers
- Driver’s license numbers
- Passport numbers
- Financial account information
- Medical and health insurance information
Now that the cybersecurity firm Mandiant has had time to analyse the breach, NewsCorp have issued a new statement
NewsCorp now say that it appears that the attackers had infiltrated the network sometime in February 2020 and that the attackers were linked to China and were likely involved in espionage activities to collect intelligence to benefit China’s interests.