AUS
NZ
UK
CA
USA
FRA
GER
ESP
ITA
NLD
PRT
SWE
GRC
IND
POL
BRA
ZAF
RUS
CHN
UAE
[Newspaper Kiosks in a Row] CatLane/iStock Unreleased via Getty Images The Washington Post is investigating a cybersecurity breach that compromised the email accounts of several of its journalists, in what company officials have suggested may be the work of a foreign actor, The Wall Street Journal reported Sunday, citing individuals familiar with the situation. Sources say the affected employees were informed that their Microsoft accounts had been accessed by an unauthorized party, potentially exposing emails they sent or received. The journalists targeted reportedly include members of the national security and economic policy teams, with some covering topics related to China. In an internal message sent to staff on Sunday, Executive Editor Matt Murray described the breach as a potential targeted unauthorized access to the organization’s email system. He said only a small number of accounts appear to have been affected and confirmed the breach was identified late Thursday.
The company has launched an internal investigation. Murray, who dealt with a similar cybersecurity incident while leading The Wall Street Journal, said the Post is now working to enhance its digital security protocols. Microsoft (MSFT [https://seekingalpha.com/symbol/MSFT]), whose systems were involved, declined to comment to the Journal on the incident. Employees whose accounts were compromised have been notified in recent days and advised not to speak publicly about the matter. Journalists, particularly those covering sensitive topics or communicating with high-risk sources, have increasingly become targets of state-backed cyber operations.
Law enforcement and cybersecurity professionals say foreign governments often view reporters as valuable entry points for gathering intelligence. This isn’t the first time media outlets have been the focus of nation-state cyberattacks. In a breach disclosed by News Corp (NWSA [https://seekingalpha.com/symbol/NWSA]) in 2022, hackers accessed journalists’ emails and documents dating back to at least early 2020. That incident appeared to center on subjects of strategic interest to the Chinese government, including coverage related to Taiwan and China’s treatment of its Uyghur population. A cybersecurity firm assisting News Corp (NWSA [https://seekingalpha.com/symbol/NWSA]) concluded the attackers were likely acting on behalf of Chinese interests.
The intrusion at the Washington Post appears to have been more limited, according to people briefed on the situation. Only email accounts were compromised, and reporters at the Post say they typically avoid putting highly sensitive information in email. Instead, they rely on encrypted messaging platforms such as Signal and use Slack for internal communication. In his note to staff, Murray said the Post has implemented additional security measures, including requiring all employees to reset their login credentials. He added that there’s no evidence the breach affected other internal systems or impacted readers.
Washington Post probes cyberattack on journalists' email accounts
June 15, 2025 01:10 PM PDT | By EODHD
