April 13, 2024

Post-ransomware attack, The Guardian warns staff their personal data was accessed

Just some days earlier than Christmas, I broke information that The Guardian newspaper had suffered what turned out to be a ransomware assault, forcing employees to work at home.

Three weeks have now handed, and though the revered UK newspaper has continued to be printed and its web site remained on-line all through, there isn’t simply excellent news to report.

Yesterday, employees on the 200-year-old information organisation had been despatched an electronic mail that warned them that the continuing investigation into the assault had uncovered that hackers had gained entry to information containing employees’s private data.

Part of an email sent to staff of The Guardian
A part of an electronic mail despatched to employees of The Guardian

In accordance with the e-mail, information accessed contains:

  • names
  • addresses
  • dates of beginning
  • Nationwide Insurance coverage numbers
  • checking account particulars
  • wage data
  • and identification paperwork reminiscent of passports.

Yeuch.

EmailSignal as much as our e-newsletter
Safety information, recommendation, and suggestions.

The Guardian knowledgeable its employees that it had “had seen no proof that private information has been uncovered on-line, and so the chance is low. We’re persevering with to watch for this.”

We realise this information could also be very worrying for everybody, and we wish to say how sorry we’re for any nervousness this will now trigger. However now that we have now confirmed there’s a danger, we are going to do all the pieces we are able to to assist employees…

The Guardian contacted the Data Commissioner’s Workplace (ICO) earlier this month to report the incident. Organisations are required to inform the ICO of any information breaches inside 72 hours of changing into conscious of it.

Discovered this text attention-grabbing? Follow Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we submit.


Graham Cluley is a veteran of the anti-virus business having labored for quite a few safety corporations because the early Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an unbiased safety analyst, he usually makes media appearances and is a world public speaker on the subject of pc safety, hackers, and on-line privateness.
Observe him on Twitter at @gcluley, on Mastodon at @[email protected], or drop him an electronic mail.