The Guardian has suffered a major ransomware attack and has revealed that some staff’s personal data was accessed.
The Guardian broke the news in late December that it suffered an IT incident it believed was a ransomware attack. Yesterday morning the outlet confirmed that it was indeed a ransomware attack, one that compromised the personal data of its UK-based employees.
The outlet described the attack as a “highly sophisticated cyber-attack involving unauthorised third-party access to parts of our network,” and likely the result of a phishing attempt.
There was a bit of good news, however, as there appears to be no evidence that readers’ data was accessed.
The Guardian said it had no reason to believe the personal data of readers and subscribers had been accessed. It is not believed that the personal data of Guardian US and Guardian Australia staff has been accessed either.
In an email to staff, The Guardian also said there was no evidence the compromised data had made its way online.
“We believe this was a criminal ransomware attack, and not the specific targeting of the Guardian as a media organisation,” said chief executive Anna Bateson and editor-in-chief Katharine Viner.
“These attacks have become more frequent and sophisticated in the past three years, against organisations of all sizes, and kinds, in all countries.”
They added: “We have seen no evidence that any data has been exposed online thus far and we continue to monitor this very closely.”