Article Details
Scrape Timestamp (UTC): 2025-06-16 15:10:17.971
Original Article Text
Click to Toggle View
Washington Post's email system hacked, journalists' accounts compromised. Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government. The incident was discovered on Thursday evening and the publication started an investigation. On Sunday, June 15, an internal memo was sent to employees, informing them of a “possible targeted unauthorized intrusion into their email system.” According to The Wall Street Journal, the memo was signed by Executive Editor Matt Murray and informed that Microsoft accounts of a limited number of journalists were affected. Owned by Amazon founder Jeff Bezos, The Washington Post is one of the most influential newspaper publications in the United States. Internal sources told The Wall Street Journal that the attack targeted journalists writing on national security and economic policy topics, as well as some who write about China. Advanced persistent threats (APTs), or state-sponsored actors, often target email systems like Microsoft Exchange. Two years ago, Chinese hackers leveraged insecure Exchange endpoints to breach email accounts of two dozen government agencies globally, accessing extremely sensitive and confidential data. But Chinese threat groups have a long history of exploiting Exchange vulnerabilities in highly organized campaigns. They targeted U.S. government agencies in 2020, and multiple NATO members in 2021. Last year, Microsoft warned that hackers were exploiting a critical privilege elevation bug in Exchange as a zero-day to perform NTLM relay attacks. ESET cybersecurity company also discovered in 2021 multiple Chinese threat groups, including APT27, Bronze Butler, and Calypso, exploiting zero-day vulnerabilities in Microsoft Exchange. Washington Post has not shared publicly any details about the attack. Why IT teams are ditching manual patch management Patching used to mean complex scripts, long hours, and endless fire drills. Not anymore. In this new guide, Tines breaks down how modern IT orgs are leveling up with automation. Patch faster, reduce overhead, and focus on strategic work -- no complex scripts required.
Daily Brief Summary
The Washington Post disclosed a security breach involving the email accounts of several journalists, suspected to be conducted by a foreign government.
The breach was initially identified on a Thursday evening, with the internal investigation beginning soon after the detection.
An internal memo informed employees about the unauthorized intrusion, specifically affecting a limited number of Microsoft accounts owned by journalists.
Targeted journalists predominantly covered sensitive topics relating to national security, economic policy, and issues related to China.
Past incidents mention that state-sponsored actors or advanced persistent threats (APTs), like those from China, have exploited vulnerabilities in Microsoft Exchange to conduct similar breaches.
Microsoft had previously issued warnings regarding the exploitation of a critical privilege elevation bug in Exchange as a zero-day for NTLM relay attacks.
Noteworthy is that no specific details about the perpetrators or technical specifics of the breach have been disclosed publicly by The Washington Post at this time.