Washington Post national security, economic, China reporters hacked

The Washington Post is investigating a cyberattack that compromised journalists' email accounts. A foreign government could be to blame. — Image credit: BRENDAN SMIALOWSKI/AFP via Getty Images

This recording was made using enhanced software.

Summary

Journalists hacked

The Washington Post says journalists covering national security, economic policy and China were compromised.

WaPo response

A forced password reset was carried out for all employees at the Post.

Investigation ongoing

An internal memo at the Post suggested a foreign government could be to blame for the hack.

Full story

The Washington Post is investigating a cyberattack that compromised some of its journalists’ email accounts. The intrusion, first reported by The Wall Street Journal, is suspected to have been carried out by a foreign government.

Cyberattack hits WaPo

According to a memo obtained by Reuters and written by the Post’s Executive Editor Matt Murray, the cyberattack was discovered Thursday, June 12, and targeted reporters covering topics including national security, economic policy and China.

“Although our investigation is ongoing, we believe the incident affected a limited number of Post journalists’ accounts, and we have contacted those whose accounts have been impacted,” Murray said. “We do not believe this unauthorized intrusion impacted any additional Post systems or has had any impact for our customers.”

How did WaPo respond?

In response to the breach, the Post issued a password reset for all employees Friday, June 13. The email accounts, the WSJ said, were managed by Microsoft. The tech company has not commented publicly on the breach.

It’s unclear how many journalists were affected and when the intrusion began.

A Post employee, who asked to remain anonymous, told Straight Arrow News that little is known inside the company outside of investigators and those affected.

The targeting of journalists, media orgs

Journalists are common targets for nation-state actors, who seek to unveil sources and stories prior to publication. A 2023 report from the cybersecurity firm Software Secured concluded that the media was the most vulnerable industry to cyberattacks.

News Corp, which owns media outlets including the WSJ, disclosed in 2022 that the accounts of a handful of reporters were compromised as part of a targeted cyberattack. David Wong, a director at the cybersecurity firm Mandiant, said that the hackers were “likely involved in espionage activities to collect intelligence to benefit China’s interests.”

Tech providers for newsrooms, such as Microsoft, are also frequent targets. In 2021, then-President Joe Biden accused China of hacking Microsoft’s Exchange email server, affecting tens of thousands of users.

Cole Lauterbach (Managing Editor) and Drew Pittock (Digital Producer) contributed to this report.

Tags: China, Hackers, Microsoft, The Washington Post

Why this story matters

The investigation into a suspected foreign government's cyberattack on Washington Post journalists highlights ongoing risks to press freedom, the confidentiality of sources and the security of technology infrastructure in media organizations.

Cybersecurity threats

The incident illustrates how media organizations are increasingly targeted by cyberattacks, potentially compromising sensitive information and operational integrity.

Press freedom and journalist safety

Targeting journalists' email accounts, especially those covering national security and international policy, raises concerns about the exposure of sources and potential effects on investigative reporting.

Foreign interference and espionage

The suspicion that a foreign government is behind the breach underscores concerns over state-sponsored efforts to gather intelligence and influence or monitor independent journalism.

Get the big picture

Synthesized coverage insights across 51 media outlets

Context corner

Cyberattacks on media organizations have become more frequent, as journalists often handle sensitive or confidential information. State-backed actors are frequently suspected in such cases, reflecting wider concerns about information security and freedom of the press. A notable precedent includes a similar attack on The Wall Street Journal in 2022, which targeted reporters covering China and international affairs.

Global impact

The incident underscores the global relevance of cybersecurity threats to media organizations, reflecting ongoing worldwide concerns about state-sponsored espionage and press freedom. As noted in several articles, such attacks have targeted not only U.S. media but also outlets in Europe and Asia, raising the issue of transnational digital threats and international responses.

Oppo research

Critics of current cybersecurity practices in media warn that relying on standard enterprise solutions, like Microsoft 365, can leave organizations exposed. Calls for enhancing virtual barriers and investing in independent, encrypted communication channels are common among watchdog groups and professional journalist associations, citing vulnerabilities highlighted by recurring breaches.