Washington Post email hack exposes journalists’ accounts

Summary
– Several Washington Post journalists’ email accounts were compromised in a suspected foreign government cyberattack, discovered on Thursday.
– An internal memo on June 15 informed employees of a possible targeted intrusion into their email system, affecting a limited number of Microsoft accounts.
– The attack reportedly targeted journalists covering national security, economic policy, and China, according to internal sources.
– State-sponsored hackers, like Chinese threat groups, have a history of exploiting Microsoft Exchange vulnerabilities in organized campaigns against governments and organizations.
– The Washington Post has not publicly disclosed details about the attack, while past incidents highlight similar exploits by groups like APT27 and Bronze Butler.
A sophisticated cyberattack targeting Washington Post journalists has raised alarms about foreign government interference in media operations. The breach, discovered last week, compromised email accounts belonging to several reporters, with evidence suggesting the involvement of a state-sponsored hacking group.
An internal memo circulated to staff confirmed the intrusion, describing it as a “targeted unauthorized access” affecting a small number of Microsoft accounts. While the newspaper has not disclosed specifics, sources indicate the attackers focused on journalists covering national security, economic policy, and China-related topics, areas often scrutinized by foreign intelligence operations.
The Washington Post, owned by Amazon founder Jeff Bezos, holds significant influence in U.S. media, making it a high-profile target for cyber espionage. Experts point to advanced persistent threat (APT) groups, particularly those linked to China, as likely culprits. These actors frequently exploit vulnerabilities in Microsoft Exchange servers, a tactic seen in previous large-scale breaches.
In 2021, Chinese hacking collectives such as APT27 and Bronze Butler weaponized zero-day flaws in Exchange to infiltrate government agencies and NATO members. Last year, Microsoft also warned of attackers abusing Exchange vulnerabilities to escalate privileges and launch NTLM relay attacks. The pattern suggests a continued focus on email systems as a gateway to sensitive information.
Though the Washington Post has not released further details, the incident underscores the growing risks faced by journalists reporting on geopolitically charged subjects. Cybersecurity analysts emphasize the need for enhanced email security measures, especially for media organizations handling confidential sources and classified leaks.
This breach follows a troubling trend of digital assaults on news outlets, where stolen communications can undermine press freedom and expose critical investigative work. As threats evolve, media institutions must prioritize robust cybersecurity protocols to safeguard their operations and protect their journalists.
(Source: Bleeping Computer)