Washington Post Journalists’ Microsoft Email Accounts Hacked
None
<p class="ai-optimize-6 ai-optimize-introduction">Several journalists with <em>The Washington Post </em>were targeted in a cyberattack that compromised their Microsoft email accounts, an echo of similar incidents at other global news operations.</p><p class="ai-optimize-7">First <a href="https://www.wsj.com/tech/cybersecurity/cyberattack-on-washington-post-compromises-email-accounts-of-journalists-70bf1300?gaa_at=eafs&gaa_n=ASWzDAgW9UY-XV420fJY46fpSqY95pWkQnm_I0kKGtmDxy2F-gWMOhm41Lua&gaa_ts=68500e95&gaa_sig=-8cpPlXKv5dR7I9dO3bQmJI6e6O7F_LSvwiszgV6s5JXAgaVm6b1D6cKfDgy5ia5HChEIp2XYkSPRhowTwLmfg%3D%3D" target="_blank" rel="noopener">reported by <em>The Wall Street Journal</em></a>, the <em>Post</em>’s editor in a memo to staff said the attack focused on several reporters, some of whom cover national security and economic policy, including China.</p><p class="ai-optimize-8">According to the <em>WSJ</em> report that cited unnamed people familiar with the situation at the <em>Post</em>, a foreign government could be behind the incident, which was uncovered late last week.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&utm_source=do&utm_medium=referral&utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p class="ai-optimize-9">The attack on the journalists’ email accounts could have given the perpetrators access to their work emails, both those they send and receive, according to some sources. The <em>WSJ</em> wrote that reporters at the newspaper said they tend to rely on Slack for internal communications and Signal and similar encrypted messaging services when contacting sources.</p><p class="ai-optimize-10">It’s unclear how many journalists were targeted in the attack.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="3125874c25426fb556c7bcab-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="3125874c25426fb556c7bcab-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p class="ai-optimize-11">In the internal memo that was viewed by the <em>WSJ</em>, <em>CNN</em> and other news organizations, <em>Washington Post</em> Executive Editor Matt Murray told employees that company’s investigation into the intrusion was ongoing and that “we believe the incident affected a limited number of Post journalists accounts, and we have contacted those whose accounts have been impacted.”</p><p class="ai-optimize-12">“We do not believe this unauthorized intrusion impacted any additional Post systems or has had any impact on our customers,” he added.</p><p class="ai-optimize-13">The <em>Post</em> has declined to comment further to media organizations.</p><h3 class="ai-optimize-14">Previous Cyberattacks</h3><p class="ai-optimize-15">This isn’t Murray’s first experience with a cyberattack on a news organization. In 2022, when he was editor-in-chief of the <em>WSJ</em>, Murray had to manage a similar incident with the news organization’s parent company, <em>Fox News</em> owner <em>News Corp</em>. According to the <em>Wall Street Journal</em>, the hack dated back to 2020, with the bad actors searching journalists’ emails and documents and apparently were interested in issues that were of interest to China’s leadership, including Taiwan and the country’s Uyghur ethnic group.</p><p class="ai-optimize-16">A cybersecurity consultant with <em>News Corp</em> at the time said the aim of the attack seemed to be to collect information that could benefit China’s government leaders.</p><h3 class="ai-optimize-17">Journalists Under Assault</h3><p class="ai-optimize-18">Major news organizations for more than a decade have been the target of cyberattacks, with the <em>WSJ</em>, <em>New York Times</em> and <em>Washington Post</em> being <a href="https://www.wsj.com/articles/SB10001424127887323926104578276202952260718" target="_blank" rel="noopener">targeted by Chinese hackers</a> as far back as 2013.</p><p class="ai-optimize-19">Journalists around the world have come under increasing cyberattacks, according to reports. In a report earlier this year, the Center for News, Technology and Innovation (CNTI) found that the adoption of new communications methods has been both a boon for journalists and the way they work and a challenge to their operations, particularly as governments and other entities have used these technologies against them.</p><p class="ai-optimize-20">“Governments around the world are increasingly <a href="https://cnti.org/wp-content/uploads/2025/04/CNTI_2025_WhatItMeansToDoJournalismInTheAgeofAI.pdf?_gl=1*at65t0*_ga*MjAxNTIyODkzLjE3NTAwNzUzMjU.*_ga_TXMKK4H4G2*czE3NTAwNzUzMjUkbzEkZzAkdDE3NTAwNzUzMjUkajYwJGwwJGgw" target="_blank" rel="noopener">impinging on press freedom</a>, weaponizing the law against journalists, while questions about revenue models and digital content valuation remain unsettled,” CNTI researchers wrote. “Social media platforms specifically have offered new opportunities to meet the public where they are, but have also put journalists on the receiving end of continuous legal threats and harassment.”</p><p class="ai-optimize-21">In a survey of 430 journalists from around the world, the organization said half experienced direct government overreach in 2024, while only 15% said they use encrypted peer-to-peer messaging as the primary way of communicating with sources.</p><p class="ai-optimize-22">The CNTI researchers wrote that the “<a href="https://innovating.news/2024-journalist-survey/security/" target="_blank" rel="noopener">digital security of journalists is under threat</a> in many parts of the world. Cyberattacks, including malware, spyware and digital surveillance, increasingly target journalists and news organizations, putting their private data at risk for unauthorized access and misuse.”</p><p class="ai-optimize-23">They added that “journalists and news organizations are faced with new forms of online harassment and abuse. Such harassment takes many forms, but can be defined as ‘technology – like cellphones, computers, social media or gaming platforms – [used] to bully, threaten, or aggressively hassle someone.”</p><h3 class="ai-optimize-24">DDoS Attacks Target News Operations</h3><p class="ai-optimize-25">In a report this month, Cloudflare found that journalists and news organizations saw the <a href="https://radar.cloudflare.com/reports/project-galileo-11th-anniv" target="_blank" rel="noopener">highest number of distributed denial-of-service (DDoS) and other attacks</a> among entities that receive free security services through the vendor’s Project Galileo. The organizations covered by the initiative include not only news organizations but also those involved with human rights, civil society and democracy.</p><p class="ai-optimize-26">Overall, the number of attacks targeting all organizations under the Project Galileo umbrella is growing rapidly, with Cloudflare saying that between May 1, 2024, and March 31, it blocked 108.9 billion cyberthreats, an average of almost 325.2 million a day over the period and a 241% year-over-year increase.</p><p class="ai-optimize-27">Journalists and news operations saw the largest number of attacks, with more than 97 billion malicious requests blocked as potential threats across 315 organizations. Almost 93% of those incidents were DDoS attacks, with another 6% being web application firewall (WAF) mitigations.</p><div class="spu-placeholder" style="display:none"></div>