News Corp: hackers inside internal network for 2 years


The investigation of a January 2022 breach has led News Corp to discover its internal network systems had been compromised for almost two years.

The New York City based media and publishing giant revealed the unexpected news in a breach notification letter filed in Massachusetts and sent to News Corp employees dated February 22, 2023.

“On January 20, 2022, News Corp discovered a cyberattack on a business email and document storage system used by several News Corp businesses,” the notice stated.

News Corp businesses include US media powerhouse outlets such as the Dow Jones, Wall Street Journal, Fox News, New York Post, Sun, and MarketWatch.

“Based on the investigation, News Corp understands that, between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel’s accounts in the affected system, some of which contained personal information,” stated News Corporation.

The January 2022 attack was believed to be carried out by a group of intelligence-seeking hackers linked to China, according to the cybersecurity company Mandiant, in charge of the investigation that year. News Corp emphasized that the breach notification covers a 2020 breach.

“As we said and was reported more than a year ago, we believe that this was an intelligence collection effort; and the investigation suggests it was not focused on exploiting personal data. We are not aware of reports of identity theft or fraud in connection with it. Also as was said and reported more than a year ago, the activity was contained, and targeted a limited number of employees,” News Corp representative told Cybernews.

It was discovered the hackers had accessed journalist emails and stolen numerous documents – including articles and drafts – related to China, US military troop activity and technology regulation, and White House officials, according to reports at the time.

The hack had left many journalists unsettled, fearful of newly identified sources being targeted by the Chinese government.

The February 22 notification letter stated the employee data compromised in the attack could have included names, dates of birth, social security numbers, driver’s license numbers, passport numbers, financial account information, medical information, and health insurance information.

The media conglomerate said they were not aware of any “reports of identity theft or fraud in connection with this issue.”

News Corp has reported that there is no longer evidence of “ongoing unauthorized access” in the internal network systems at this time and that law enforcement, and cybersecurity experts were called in as soon as the company became aware of the attack.


More from Cybernews:

FlipperZero explained: what a Tamagotchi-like tool is actually capable of

Wiz tech firm raises $300m to become the biggest cyber-unicorn of them all

Sleeping in office does not save your job, Twitter’s top executive finds

The impact of social media on the Russia-Ukraine war

US Treasury sanctions Russian cyber and influence entities

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked