News Corporation (News Corp), a media and publishing powerhouse, has reported that the attackers responsible for the data breach they disclosed in 2022 had accessed their systems two years prior, in February 2020.
The company sent out data breach notification letters to employees who were affected by the breach. Some of their personal and health information had been accessed, while the attackers gained entry to an email and document storage system that was used by several businesses under News Corp.
The breach impacted multiple news arms of the publishing conglomerate, including several well-known media outlets such as the New York Post, The Wall Street Journal, Dow Jones, MarketWatch, Fox News, Barron’s, The Sun, and the News UK British newspaper publisher, among others.
According to News Corp, the unauthorized party accessed certain business documents and emails from a limited number of personnel accounts in the affected system between February 2020 and January 2022. Personal information included:
- Dates of birth
- Social Security numbers
- Driver’s license numbers
- Passport numbers
- Financial account information
- Medical and health insurance information
Breach linked to Chinese hackers
News Corp clarified that their investigation did not indicate that the activity was aimed at exploiting personal information, and they were not aware of any reports of identity theft or fraud related to the breach.
Last year, when the breach was first reported, News Corp disclosed that the attackers were associated with a foreign government and had exfiltrated data during the period they had access to the systems. Mandiant, a cybersecurity company, had assessed that the attackers had a China nexus and were likely involved in espionage activities to collect intelligence that would benefit China’s interests.
In October 2022, the New York Post disclosed that it had been hacked, and offensive headlines and tweets targeting U.S. politicians were published on its website and Twitter account. The tabloid newspaper later revealed that the incident was caused by one of its employees who was fired after their involvement was discovered.