Washington Post journalists’ emails were hacked in a suspected state-backed cyberattack; an investigation is underway amid rising threats to media cybersecurity.

Continue reading
The Washington Post, one of America’s most influential newspapers, is investigating a cyberattack that compromised the email accounts of several of its journalists. The breach, discovered late Thursday, is believed to have been the work of a foreign government, according to internal communications and sources familiar with the incident.
The intrusion was identified on Thursday evening, prompting The Washington Post to initiate a comprehensive internal investigation. By Friday night, the publication had enforced a mandatory reset of login credentials for all employees to secure its digital infrastructure. On Sunday, June 15, Executive Editor Matt Murray sent an internal memo alerting staff to a _“possible targeted unauthorized intrusion into their email system.”_ The memo specified that a limited number of Microsoft email accounts belonging to journalists were affected.
Sources indicate that the cyberattack specifically targeted journalists covering national security, economic policy, and China-related topics. The Wall Street Journal first reported the incident, noting that the attackers may have gained access to both sent and received work emails of the affected reporters. While the full extent of the breach remains under investigation, The Washington Post has reassured staff that there is no evidence that other systems or customer data were impacted.
A forensic team has been brought in to assess the damage and trace the attack's origin. The Washington Post has also advised affected employees to avoid discussing the incident publicly and has implemented additional cybersecurity measures, including enhanced monitoring and organization-wide credential resets.
This breach fits a broader pattern of advanced persistent threats (APTs) targeting media organizations and government agencies. State-sponsored actors, particularly from China, have a history of exploiting vulnerabilities in Microsoft Exchange and other email systems[1][6][5]. In recent years, Chinese hacking groups have orchestrated highly organized campaigns against U.S. government agencies, NATO members, and major news outlets, often leveraging zero-day vulnerabilities and privilege escalation bugs[1][6][5].
Journalists are frequent targets for cyberespionage, given their access to sensitive information and sources[6][5]. The Wall Street Journal itself was subjected to a similar campaign in 2022, with hackers believed to be linked to Chinese interests[6]. The Washington Post has faced cyber threats dating back to 2011, some previously attributed to Chinese groups[5].
Neither The Washington Post nor Microsoft has publicly commented on the specifics of the attack as of this report[4][5][7]. The investigation is ongoing, and law enforcement agencies are expected to assist in determining the perpetrators and mitigating any potential fallout.
The cyberattack on The Washington Post underscores the persistent vulnerabilities of news organizations to sophisticated, state-backed cyber threats. As the investigation unfolds, the incident serves as a stark reminder of the critical importance of robust cybersecurity measures in protecting journalistic integrity and sensitive communications[1][6][5].
For more updates on this developing story and other cybersecurity news, stay tuned to our latest coverage.
[1] https://www.bleepingcomputer.com/news/security/washington-posts-email-system-hacked-journalists-accounts-compromised/ [2] https://www.cnn.com/2025/06/15/media/washington-post-cyberback-emails [3] https://www.reuters.com/world/us/washington-post-investigating-cyberattack-journalists-wsj-reports-2025-06-15/ [4] https://www.bloomberg.com/news/articles/2025-06-16/washington-post-probes-hack-of-journalist-email-accounts [5] https://www.insurancejournal.com/news/national/2025/06/16/827938.htm [6] https://nypost.com/2025/06/16/media/washington-post-journalists-who-cover-china-had-their-email-hacked/ [7] https://www.insurancebusinessmag.com/us/news/breaking-news/washington-post-investigates-email-breach-after-cyberattack-539234.aspx [8] https://www.moneycontrol.com/technology/the-washington-post-targeted-by-cyberattack-email-of-select-journalists-hacked-article-13124970.html [9] https://www.bankinfosecurity.com/suspected-chinese-hackers-targeted-washington-post-a-28715 [10] https://techstory.in/washington-post-probes-cyberattack-targeting-journalists-email-accounts/

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.