Staff at the Guardian have had personal and confidential information accessed in a sophisticated cyberattack. The compromised data, according to editor-in-chief Katharine Viner, includes the names, addresses, bank account information, salaries, and passport documents of Guardian reporters. The hack has been going on for almost a month and has impacted some of the paper’s operations.
In an email to staff, Ms Viner said that initial investigations had uncovered that some files containing the personal data of UK staff were accessed in the hack, which is now believed to be a phishing attack leading to a ransomware incident . The paper has promised to support staff given that there is a confirmed risk and the incident has been reported to the relevant authorities. Reader and subscriber data is not thought to have been accessed at this time.
At Keller Postman UK, we have seen victims of similar data breaches become the target of cybercriminals, with instances of fraud, blackmail, and identity theft. And, despite claims from the paper that there appeared to be “no evidence that any data has been exposed online thus far”, affected Guardian employees are at high risk of being targeted by cybercriminals and should take immediate steps to protect themselves.
Data exposed in similar hacks has subsequently been sold on the dark web, with the impact not always apparent until months later. By implementing security steps now, Guardian employees stand a better chance of protecting themselves should their stolen data be used against them in the future.
While the Guardian was a victim of a criminal hack, there are signs that poor data security processes at the paper may have made the breach more likely. For example, one media report states that Guardian staffers were unable to regularly change their passwords as staff were made to “file a special request to the company’s IT department in order to alter login information”. Such an outdated process meant that “many staff had not altered their passwords in several years”.
At Keller Postman UK, we have launched an investigation to find out what happened, and how this breach affects Guardian employees. We believe that failures to adopt standard security measures may have made this attack easier and we plan to launch a data breach group action to help affected employees in England & Wales claim compensation for the security failures.
If you have received notification that you are involved in the Guardian data breach, register below to join our action and receive updates on our investigation.