China suspected in hack of journalists at News Corp

Digital intruders broke into News Corp email accounts and compromised the data of an unspecified number of journalists, the company disclosed Friday.

The media firm’s internet security adviser said the hack was likely aimed at gathering intelligence for Beijing’s benefit.

News Corp, which publishes the Wall Street Journal, said the breach was discovered in late January and affected emails and documents of what it described as a limited number of employees, including journalists. It said that cybersecurity firm Mandiant had contained the breach.

David Wong, vice president of consulting at Mandiant, said the hackers were believed to have “a China nexus, and we believe they are likely involved in espionage activities to collect intelligence to benefit China’s interests.”

The Chinese Embassy in Washington did not immediately respond to a request for comment.

In a letter seen by Reuters, company executives told their employees that “we believe the activity affected a limited number of business email accounts and documents from News Corp headquarters, News Technology Services, Dow Jones, News UK, and New York Post.”

“Our preliminary analysis indicates that foreign government involvement may be associated with this activity, and that some data was taken,” executives said.

The company added that its other business units, including HarperCollins Publishers, Move, News Corp Australia, Foxtel, REA, and Storyful, were not targeted in the attack. News Corp shares were down 1.3% in morning trading.

The Wall Street Journal, which reported the news first, competes with Reuters, the news division of Thomson Reuters Corp (TRI.TO), in supplying news to media outlets.

Chinese hackers have repeatedly been blamed for hacks of journalists both in the United States and elsewhere.

In 2013, for example, The New York Times reported a breach which it said had affected 53 personal computers belonging to its employees.

The paper said that the timing of the intrusions corresponded with its investigation into the wealth accumulated by relatives of Wen Jiabao, China’s then-prime minister.

The report was the first in a series of contemporaneous disclosures about similar intrusions or attempted intrusions at other US media organizations, including Bloomberg, the Washington Post, and the Wall Street Journal.

Beijing’s hackers have been targeting Western journalists for years, said Mike McLellan, the director of intelligence at cybersecurity firm Secureworks, which has tracked China-linked spying on media organizations on-and-off over the past decade.

He said journalists might have access to valuable sources of intelligence about China’s adversaries or its domestic opponents.

Even considered against China’s reputation for aggressive cyberespionage against a range of targets – from military secrets to intellectual property – McLellan said media remained a favorite.

“Journalists — and the things they’re working on — are fairly high on their list of priorities,” he said.