News Corporation (News Corp), a major player in publishing and mass media, claims that the attackers responsible for a breach revealed in 2022 first obtained access to its systems in February of that year.
This information was exposed in letters given to affected employees who had some of their personal and health information accessed as a result of the data breach, as well as details on the threat actors’ access to an email and document storage system used by numerous News Corp businesses.
The Wall Street Journal, the New York Post, and the publishing company’s news activities in the UK were all impacted by the incident.
“Based on the investigation, News Corp understands that, between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel’s accounts in the affected system, some of which contained personal information,” the company said.
“Our investigation indicates that this activity does not appear to be focused on exploiting personal information. We are not aware of reports of identity theft or fraud in connection with this issue.”
For each person impacted by the data breach, News Corp claims that the attackers gained access to one or more of the following pieces of personal information:
- Dates of birth
- Social Security numbers
- Driver’s license numbers
- Passport numbers
- Financial account information
- Medical and health insurance information