Media and publishing giant News Corporation (News Corp) says attackers behind a breach disclosed in 2022 first gained access to its systems two years prior, in February 2020.
It was revealed in data breach notification letters sent to employees affected by the data breach, who had access to some of their personal and medical information, while the threat actors had access to an email and document storage system used by several News Corp. companies.
The incident affected several news branches of the publishing conglomerate, including the Wall Street Journal, the New York Post and its UK news operations.
“Based on the investigation, News Corp understands that between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel accounts in the affected system, some of which contained personal information,” the company said.
“Our investigation indicates that this activity does not appear to be focused on the exploitation of personal information. We are not aware of any instances of identity theft or fraud related to this issue.”
According to News Corp, the personal information accessed by the attackers includes one or more of the following for each individual affected by the data breach:
- Date of birth
- Social security numbers
- Driver’s license numbers
- Passport numbers
- Financial account information
- Medical and health insurance information
Cyber spies linked to China
The media giant said last year, when he first revealed this security flawthat the attackers are associated with a “foreign government” and that they exfiltrated certain data during the time they had access to its systems.
“Mandiant believes that those behind this activity have a connection to China, and we believe they are likely involved in espionage activities to collect intelligence for the benefit of China’s interests,” he said. David Wong, vice president of incident response at Mandiant, told BleepingComputer at the time.
News Corp properties include The New York Post, The Wall Street Journal, Fox News and UK newspaper publisher News UK.
On October 27, 2022, the The New York Post also revealed that he was hacked after unknown attackers used his website and Twitter account to post offensive headlines and tweets targeting several US politicians.
A day later, the tabloid revealed that the incident was caused by one of its employees who was fired after their involvement was discovered.