News Corp was the target of a hack that accessed emails and documents of some employees, including journalists, an incursion the company’s cybersecurity consultant said was likely meant to gather intelligence to benefit China’s interests.
The attack, discovered on Jan. 20, affected a number of publications and business units including The Wall Street Journal and its parent Dow Jones; the New York Post; the company’s U.K. news operation; and News Corp headquarters, according to a person familiar with the matter.
After discovering the attack, the company notified law enforcement and hired cybersecurity firm Mandiant Inc. to support an investigation, the person said.
“Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests,” said David Wong, vice president of incident response at Mandiant.
News Corp disclosed the hack in a securities filing Friday.
Representatives for the Chinese Embassy in Washington couldn’t immediately be reached for comment.
News Corp believes the threat activity is contained and has been offering guidance to affected employees, the person said.
The method of the hack and the number of staffers whose email accounts and documents were accessed couldn’t be learned.
Systems housing financial and customer data, including subscriber information, weren’t affected, according to the person familiar with the matter.
Law-enforcement officials and cybersecurity experts say that journalists are often high-priority targets for hackers seeking to gain intelligence on behalf of foreign governments because they speak to sources who might have valuable or sensitive information. Powerful surveillance tools have been used against journalists and human-rights activists.
U.S. authorities have accused China-based hackers for years of targeting a range of American businesses and government institutions. FBI Director Christopher Wray said this week that Beijing is running a “massive, sophisticated hacking program that is bigger than those of every other major nation combined.” The FBI has more than 2,000 active investigations related to allegations of Chinese-government-directed theft of U.S. information or technology, Mr. Wray said.
China has repeatedly denied allegations that it has carried out cyberattacks.
In 2013, Chinese hackers trying to monitor news coverage of China hacked into the Journal’s network, apparently aiming to spy on reporters covering China and other issues, the Journal reported. The New York Times had experienced a similar attack. At the time, a Chinese embassy spokesman condemned allegations of Chinese cyberspying.
In February 2020, China revoked the press credentials of three Wall Street Journal reporters based in Beijing. China’s Foreign Ministry said the move was punishment for an opinion piece published by the Journal. The three journalists work for the Journal’s news operation, which operates with a strict separation from the opinion staff.
The following month, the Trump administration announced a personnel cap in the U.S. on four state-run Chinese media outlets. Later that March, China expelled from the country American journalists from multiple news organizations, including the Journal.
In November 2021, each country agreed to ease visa restrictions for the other’s reporters. The Wall Street Journal was among a handful of U.S. outlets set to receive new press credentials for some staff.
Write to Alexandra Bruell at [email protected] and Sadie Gurman at [email protected]
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8