Global multimedia giant News Corp on Friday revealed it fell victim to a targeted cyberattack that appears to have been conducted by a “foreign government.”
News Corp documented the breach in an SEC filing that pinned the blame for the attack on cyberspies in China. With the help of incident responders at Mandiant, the company said it sniffed out “persistent cyberattack activity” during an investigation that started in January this year.
Mandiant has confirmed for SecurityWeek that it has been retained by News Corp.
“Mandiant assesses that those behind this activity have a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests,” said David Wong, VP of consulting at Mandiant.
News Corp admitted that the hackers managed to steal and exfiltrate corporate data during the heist, but insists customer and financial information was not compromised. The company believes the breach has been contained.
“The Company is remediating the issue, and to date has not experienced any related interruptions to its business operations or systems. Based on its investigation to date, the Company believes the activity is contained,” News Corp said.
The Rupert Murdoch-owned media giant said it’s unable to estimate the financial impact from the incident, and noted its cyber risk insurance policy may not cover all losses.
The Wall Street Journal, which is owned by News Corp, said it was affected by the breach, alongside Dow Jones, the New York Post, news operations in the U.K., and News Corp headquarters.
China has always denied launching cyberattacks, but Chinese state-sponsored hackers have been accused of targeting foreign journalists for more than a decade.
In 2013, Chinese hackers were accused of breaching the systems of the Wall Street Journal, New York Time and Bloomberg in an effort to spy on journalists covering China.