The Guardian Media Group has confirmed that a ransomware attack hit The Guardian on December 20, during which the personal data of UK staff members were accessed.
A phishing attempt likely triggered the “highly sophisticated cyberattack involving unauthorised third-party access” to parts of The Guardian’s systems. According to the media firm, the data of staff in Australia and USA wasn’t accessed. The publication doesn’t believe any reader or subscriber data was accessed either.
In an email to the staff, The Guardian‘s Editor-in-Chief, Katharine Viner, and Guardian Media Group’s CEO, Anna Bateson, confirmed the breach and said that the risk of fraud is low as none of the leaked data has surfaced online.
At the time of the attack, the company shut down some of its IT infrastructure, which led to the disruption of the print edition, while the online edition wasn’t impacted. WiFi access at the company’s headquarters was disrupted, in addition to shared computer systems used at the company. Except for a few key people, the rest of the staff was asked to work from home for the rest of the week, and most of them are still working from home since the attack.
The Guardian expects critical systems to get back up online within the next two weeks but UK staff’s return to office has been postponed until February to allow time for the IT infrastructure to be restored.
In the News: OpenAI has started testing a paid ChatGPT version
