Go to listing page

Chinese Hackers Lived Inside News Corp's Network for Two Years

Chinese Hackers Lived Inside News Corp's Network for Two Years
The U.S.-based mass media and publishing organization News Corp has recently disclosed the data breach occurred that began in 2020 and continued till 2022. The organization said that the attackers had access to the company’s networks and they could access the emails and other storage systems multiple times.

Impact of the attack

The Wall Street Journal on February 4, 2022, reported that the incident had impacted several businesses, including the New York Post, The Wall Street Journal and its parent company Dow Jones, and its U.K.-based news operations including News UK, and the News Corp headquarters. The findings were based on Mandiant’s report, which further disclosed that the attackers involved in this attack are believed to be of foreign origin and operating in the interests of the Chinese government.

Data compromised

According to recent revelations, the incident affected a limited number of its employees and the organization has started sending notification letters to them.
  • The attackers had gained access to the network in February 2020 and could move across the systems that stored the personal and health information (PHI) of its employees, among other sensitive information.
  • Until January 2022, the threat actors were able to access the email and document storage systems using their personnel's accounts.
  • The personal details accessed by the attackers include names, dates of birth, passport numbers, driver's license numbers, SSNs, financial account information, and medical and health insurance details.

The SEC filing by News Corp revealed that hackers pilfered some data, however, systems carrying the financial and customer data were not affected.

Espionage in disguise

While traversing News Corp’s computer networks, the attackers were able to access the emails and Google Docs of employees, including draft articles.
  • Based on the list of targeted documents, it was found that they were interested in topics related to Chinese interests, including Taiwan and China’s Uyghur ethnic group.
  • They further accessed articles and notes related to U.S. technology regulations related to China and the U.S. military troop activity and even searched emails for keywords such as defense.

Ending notes

Attackers had uninterrupted access to News Corp networks. It is high time organizations realize the importance of data security and privacy, and implement checkpoints or barriers to identify and contain such breach incidents. Experts suggest having strong data security control, along with firewalls and an intrusion detection/prevention system to keep a check on such threats.
Cyware Publisher

Publisher

Cyware