Guardian confirms that ransomware attack compromised personal data of British staff
THE Guardian has confirmed it was hit by a ransomware attack last month and that the personal data of its UK staff members had been compromised.
In a note to staff, Anna Bateson, the Guardian Media Group chief executive, and Katherine Viner, the editor-inchief, said the incident was a “highly sophisticated cyberattack involving unauthorised third-party access to parts of our network”.
They said hackers most likely gained access through a so-called phishing attack, which attempts to trick staff into clicking booby-trapped links.
It is not clear how large a ransom was demanded or whether The Guardian has paid. The newspaper said that while employees’ personal data had been accessed, there was no evidence it had been exposed online, meaning the risk of fraud was low. It added that it did not believe the personal data of readers or subscribers had been compromised, nor that of its staff in the US or Australia. The incident has been reported to the Information Commissioner’s Office, the UK data watchdog, as well as the police.
The Guardian was forced to shut its offices on Dec 20 after its systems were crippled by the cyberattack, which knocked out Wi-fi systems at the newspaper’s headquarters in King’s Cross, while other shared computer systems have also been affected.
Bosses said a return to the office will now be delayed to the beginning of next month as it continues to grapple with the shutdown. The company previously said it hoped staff would be able to return from Monday Jan 23.
The Guardian said it expects some critical systems to be up and running “within the next few weeks”. Journalists are still able to publish stories online and access email as normal, while production of the print newspaper has also not been affected.
Ms Bateson and Ms Viner said: “We believe this was a criminal ransomware attack, and not the specific targeting of The Guardian as a media organisation.
“These attacks have become more frequent and sophisticated in the past three years, against organisations of all sizes, and kinds, in all countries. We have seen no evidence that any data has been exposed online thus far and we continue to monitor this very closely.”
A GNM spokesman said: “We aren’t going to say anything at all about these matters or speculate on who is responsible. That is partly on the advice of the external security experts advising us.”