Hackers breach Microsoft email accounts of The Washington Post's journalists—Investigation Underway

A small group of journalists at The Washington Post has found themselves at the center of a targeted email account breach. The intrusion attempt, believed to be deliberate, prompted the news outlet to reset login credentials for all staff members as a precaution.

According to an internal memo obtained by CNN, the breach was first discovered last Thursday. Executive Editor Matt Murray confirmed the incident in a note to employees, calling it a “possible targeted” attack on journalists’ Microsoft email accounts.

By Friday, the Post had forced a password reset across its systems. While the company’s investigation is still underway, Murray said only a limited number of Microsoft accounts appear to have been affected, and those individuals have already been notified.

“We do not believe this unauthorized intrusion impacted any additional Post systems or has had any impact for our customers,” he added. It remains unclear who carried out the breach.

It’s worth noting that journalists are frequent targets, whether from state-aligned espionage groups trying to monitor sensitive investigations or cybercriminals seeking access to confidential information.

This isn’t the first time a major U.S. news outlet has faced this kind of threat. As The Wall Street Journal, which first reported the breach, noted, it discovered in 2022 that suspected Chinese hackers had infiltrated its systems for years, largely targeting journalists covering China.