The Washington Post is actively investigating a cyberattack that targeted the email accounts of several of its journalists, raising concerns about potential foreign government involvement, according to an internal memo and sources familiar with the matter.
In a memo sent to staff, Executive Editor Matt Murray confirmed that the email breach was discovered on Thursday, prompting immediate action from the newspaper’s internal security team.
“All Post employees had their passwords reset on Friday night as a precaution,” the memo stated.
Murray added that the intrusion does not appear to have impacted other internal systems or customer data.
Journalists Covering National Security and China Among Targets
According to a report from The Wall Street Journal (WSJ), the cyberattack may be linked to a foreign government, although no specific nation has been named.
The compromised accounts reportedly belonged to journalists on the Washington Post’s national security and economic policy teams, including reporters who cover U.S.-China relations. If confirmed, this would indicate a targeted espionage-style cyberattack, likely seeking sensitive information.
The WSJ noted that the hackers may have accessed journalists’ Microsoft accounts, which contain work-related emails and potentially confidential communications.
Credential Reset for Entire Staff as a Preventative Measure
As part of its cybersecurity response, the Washington Post enforced a company-wide password reset for all employees. The newspaper also emphasised that no customer data had been affected and that its broader network infrastructure remained secure.
This incident has heightened concerns over digital threats to press freedom and the increasing targeting of media outlets by cyber actors—particularly those believed to be backed by foreign intelligence.
Comparisons to 2022 News Corp Hack
The breach is reminiscent of a 2022 cyberattack on News Corp, the parent company of The Wall Street Journal, which also involved the compromise of journalist email accounts. That incident was later linked to threat actors with suspected ties to Chinese intelligence services.
The recurrence of such attacks underscores the growing vulnerability of media organisations and the need for robust cybersecurity protections, especially for reporters covering sensitive geopolitical topics.
Ongoing Investigation and Cybersecurity Measures
The Washington Post’s IT and cybersecurity teams are working closely with external security experts to determine the origin and full scope of the breach. Federal law enforcement may also become involved if evidence points to international interference.
As of now, no further intrusions have been detected, and operations at The Washington Post remain unaffected.
