Just a few days before Christmas I broke the news Guardian A newspaper company was hit by a ransomware attack, forcing staff to work from home.
I have been told @guardian suffered a “serious IT incident” affecting access to all offices.
Staff have been instructed to work from home and not use VPNs to log into systems… 🙁
We wish the Guardian IT team every success, especially during this time. pic.twitter.com/d31YOkmwoY
— Graham Cluley 🇺🇦 (@gcluley) December 21, 2022
Three weeks later, the respected British newspaper is still in print and its website is still online, but there’s more than just good news to report.
Staff at the 200-year-old news agency were emailed yesterday warning that an ongoing investigation into the attack revealed hackers gained access to files containing personal information about staff members. it was done.
According to the email, the data accessed includes:
- national insurance number
- bank account details
- Salary information
- and identification such as a passport.
Guardian told staff, “We saw no evidence that personal data was published online, so the risk is low. We are continuing to monitor this.”
We understand that this news is of great concern to all. However, now that we know there are risks, we will do everything we can to support our staff…
Guardian contacted the Information Commissioner’s Office (ICO) earlier this month to report the incident. The organization must notify the ICO within 72 hours after he becomes aware of the data breach.