Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020.
This was revealed in data breach notification letters sent to employees affected by the data breach, who had some of their personal and health information accessed, while the threat actors had access to an email and document storage system used by several News Corp businesses.
The incident affected multiple news arms of the publishing conglomerate, including The Wall Street Journal, the New York Post, and its U.K. news operations.
“Based on the investigation, News Corp understands that, between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel’s accounts in the affected system, some of which contained personal information,” the company said.
“Our investigation indicates that this activity does not appear to be focused on exploiting personal information. We are not aware of reports of identity theft or fraud in connection with this issue.”
According to News Corp, personal information accessed by the attackers includes one or more of the following for each individual affected by the data breach:
- Names
- Dates of birth
- Social Security numbers
- Driver’s license numbers
- Passport numbers
- Financial account information
- Medical and health insurance information
Cyberspies linked to China
The media giant said last year, when it first disclosed this security breach, that the attackers are associated with a “foreign government,” and they exfiltrated some data during the time they had access to its systems.
“Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests,” David Wong, VP of incident response at Mandiant, told BleepingComputer at the time.
News Corp’s properties include New York Post, The Wall Street Journal, Dow Jones, MarketWatch, Fox News, Barron’s, The Sun, and the News UK British newspaper publisher, among others.
On October 27, 2022, the New York Post also disclosed that it was hacked after unknown attackers used its website and Twitter account to publish offensive headlines and tweets targeting multiple U.S. politicians.
One day later, the tabloid newspaper revealed that the incident was caused by one of its employees who was fired after their involvement was discovered.
Source: https://www.bleepingcomputer.com/news/security/news-corp-says-state-hackers-were-on-its-network-for-two-years/