- The rise of AI PCs: How businesses are reshaping their tech to keep up
- Benchmarks Find ‘DeepSeek-V3-0324 Is More Vulnerable Than Qwen2.5-Max’ | TechRepublic
- Tripwire Patch Priority Index for March 2025
- Explorando la confluencia de la tecnología y la sostenibilidad para un futuro mejor
- 솔라윈즈, 스쿼드캐스트 기반 사고 대응 도구 출시··· AI로 IT 복원력 강화
News Corp Reveals Two-Year-Long Breach
Media giant News Corp has revealed a breach that may have affected its systems in the US for over two years.
Writing in a letter to employees last week, the company said it found out in January 2022 that threat actors may have stolen their personal and health information.
“Between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel’s accounts in the affected system, some of which contained personal information.”
This included names, dates of birth, Social Security numbers, driver’s license numbers, passport numbers, financial account information, medical information and health insurance information.
“It is astounding that News Corp has only discovered this highly important piece of information one year after the breach was first announced, and it puts employees at a much greater risk of financial fraud and identity theft,” commented Julia O’Toole, CEO of MyCena Security Solutions.
“Given that the attackers had two years of access before they were identified […] they most likely got away with more information than was first realized. With no one knowing it was stolen, they wouldn’t have been on high alert for potential attacks.”
At the same time, the media company wrote that its investigation indicates the malicious activity did not appear to be focused on exploiting personal information.
News Corp further added it has been working with law enforcement during the investigation. It is also offering affected individuals free credit monitoring services.
Prevention is still the best tactic, according to O’Toole, who added that businesses must prioritize their defenses against phishing.
“The only way to achieve this is through encryption, where employee credentials are encrypted, meaning they never see them, know them, or have the ability to hand them over to criminals unwittingly,” she told Infosecurity in an email.
The disclosure comes a year after News Corp unveiled a separate breach, possibly connected to Chinese threat actors.
