British news organization The Guardian has confirmed that personal information was compromised in a ransomware attack in December 2022.
The company fell victim to the attack just days before Christmas, when it instructed staff to work from home, announcing network disruptions that mostly impacted the print newspaper.
Right from the start, the Guardian said it suspected ransomware to have been involved in the incident, and this week the company confirmed that this was indeed the case.
In an email to staff on Wednesday, The Guardian Media Group’s chief executive and the Guardian’s editor-in-chief said that the sophisticated cyberattack was likely the result of phishing.
They also announced that the personal information of UK staff members was compromised in the attack, but said that reader data and the information of US and Australia staff was not impacted.
“We have seen no evidence that any data has been exposed online thus far and we continue to monitor this very closely,” the Guardian representatives said.
While the attack forced the Guardian staff to work from home, online publishing has been unaffected, and production of daily newspapers has continued as well.
“We believe this was a criminal ransomware attack, and not the specific targeting of the Guardian as a media organization,” the Guardian said.
The company continues to work on recovery and estimates that critical systems would be restored in the next two weeks. Staff, however, will continue to work from home until at least early February.
“These attacks have become more frequent and sophisticated in the past three years, against organizations of all sizes, and kinds, in all countries,” the Guardian said.
It’s unclear which ransomware group was behind the attack.
Related: Rail Company Wabtec Says Data Stolen in Ransomware Attack
Related: New Zealand Government Hit by Ransomware Attack on IT Provider
Related: Virginia County Confirms Personal Information Stolen in Ransomware Attack
https://www.securityweek.com/guardian-confirms-personal-information-compromised-ransomware-attack