Gannett, which owns more than 100 newspapers across the US, including USA Today, has been hit with an email phishing attack, potentially compromising the accounts of nearly 18,000 current and former employees. The media company said hackers may have accessed employees’ personal data after several people in its human resources department became victims of a malicious phishing attack.
On 30 March, Gannett discovered that hackers had accessed the email accounts of multiple HR staff members and managed to send phishing emails as well. The cyberattack was investigated by the company’s cybersecurity team.
The breach was discovered after the attacker unsuccessfully attempted to use a hijacked account to fraudulently wire transfer corporate money. Gannett’s finance team quickly identified the request as suspicious. Gannett warned that employees’ dates of birth, bank account information, Social Security numbers, salary, benefits, work history and insurance policy information could have been exposed in the breach.