Media giant News Corp says it has fallen victim to a cyberattack. First analysis indicates that the attack was a state sponsored attack, aimed at emails and documents of News Corp employees, including journalists. News Corp says data was stolen, but that it didn’t include financial data or subscriber information.

The hack also affected financial news unit Dow Jones and News UK, the division that controls the Times of London and the Sun, according to a statement provided by News Corp.

Investigation

News Corp reported the attack in a document which was sent to the United States Securities and Exchange Commission (SEC).

“In January 2022, the Company discovered that one of these systems was the target of persistent cyberattack activity. Together with an outside cybersecurity firm, the Company is conducting an investigation into the circumstances of the activity to determine its nature, scope, duration and impacts. The Company’s preliminary analysis indicates that foreign government involvement may be associated with this activity, and that data was taken. To the Company’s knowledge, its systems housing customer and financial data were not affected. The Company is remediating the issue, and to date has not experienced any related interruptions to its business operations or systems. Based on its investigation to date, the Company believes the activity is contained. At this time, the Company is unable to estimate the expenses it will incur in connection with its investigation and remediation efforts.”

Targets

In an email to its employees, News Corp stated that the attack was discovered on January 20 and affected a number of publications and business units including The Wall Street Journal and its parent Dow Jones, the New York Post, the company’s UK news operation, and News Corp headquarters.

“We appear to have been the target of persistent nation-state attack activity that affected a limited number of our employees.”

News Corp chief technology officer David Kline and chief information security officer Billy O’Brien stated in an email to employees:

“We will not tolerate attacks on our journalism, nor will we be deterred from our reporting, which provides readers everywhere with the news that matters.”

Attribution

The firm that was brought in to investigate the incident believes the attackers are likely involved in espionage activities to collect intelligence to benefit China’s interests. News Corp said it would provide details of the breach to other news organizations so they could take appropriate measures.

As many other security authorities have pointed out, China has been ramping up cyberattacks on US and European organizations. For example, US authorities blamed China for a massive breach in 2021 of Microsoft’s Exchange email service. In the breach, hackers associated with China’s Ministry of State Security accessed thousands of email accounts associated with businesses, government offices and schools around the world.