Post-ransomware attack, The Guardian warns staff their personal data was accessed

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Post-ransomware attack, The Guardian warns staff their personal data was accessed

Just a few days before Christmas, I broke news that The Guardian newspaper had suffered what turned out to be a ransomware attack, forcing staff to work from home.

Three weeks have now passed, and although the respected UK newspaper has continued to be published and its website remained online throughout, there isn’t just good news to report.

Yesterday, staff at the 200-year-old news organisation were sent an email that warned them that the ongoing investigation into the attack had uncovered that hackers had gained access to files containing staff’s personal information.

Part of an email sent to staff of The Guardian
Part of an email sent to UK staff of The Guardian

According to the email, data accessed includes:

  • names
  • addresses
  • dates of birth
  • National Insurance numbers
  • bank account details
  • salary information
  • and identity documents such as passports.

Yeuch.

Sign up to our free newsletter.
Security news, advice, and tips.

The Guardian informed its staff that it had “had seen no evidence that personal data has been exposed online, and so the risk is low. We are continuing to monitor for this.”

We realise this news may be very worrying for everyone, and we want to say how sorry we are for any anxiety this may now cause. But now that we have confirmed there is a risk, we will do everything we can to support staff…

The Guardian contacted the Information Commissioner’s Office (ICO) earlier this month to report the incident. Organisations are required to notify the ICO of any data breaches within 72 hours of becoming aware of it.


Graham Cluley
Graham Cluley •   @gcluley

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.