Cyber Incident Victim: Washington Post

On Thursday, the Washington Post discovered a cyberattack targeting the email accounts of some of its journalists, according to a source familiar with the matter and an internal memo reviewed by Reuters. Executive Editor Matt Murray communicated the discovery to staff in an internal memo, stating that the newspaper immediately launched an investigation. The memo indicated that the intrusion was identified on Thursday and that the Post began its investigative response immediately. The Wall Street Journal first reported the breach, noting that it could be the work of a foreign government.

The internal memo from Matt Murray told employees that all Post employees had their passwords reset on Friday as a precautionary measure. Murray added that the intrusion was not thought to have affected any additional Post systems or customer data. On Friday night, the newspaper also forced a credential reset for all employees. The Wall Street Journal reported that the intrusion compromised journalists' Microsoft accounts, which could have allowed the intruder to access their work emails.

The reporters whose email accounts were targeted included members of the Washington Post's national security and economic policy teams, with some of those journalists covering China-related topics. The Wall Street Journal's report indicated that the compromise of Microsoft accounts could have granted the intruder access to the journalists' work emails. The Washington Post's response included the immediate password reset on Friday and a forced credential reset later that night. The Post stated that, based on its initial assessment, the intrusion did not appear to have impacted any additional Post systems or customer information.