British newspaper The Guardian has confirmed its systems have been hit by a “serious IT incident,” which it believes is likely a ransomware attack.
The Guardian, whose media editor was first to report the incident, said that the incident began late on Tuesday and has affected parts of the company’s IT infrastructure.
“There has been a serious incident which has affected our IT network and systems in the last 24 hours,” Guardian Media Group chief executive Anna Bateson and editor-in-chief Katharine Viner said in a note to employees: “We believe this to be a ransomware attack but are continuing to consider all possibilities.”
As a result, the publisher said it’s experiencing disruption to “behind the scenes” services, and employees have been told to work remotely for the rest of the week. However, the company says that online publishing is largely unaffected, adding that it was “confident” it could still produce Thursday’s print newspaper.
Further details about the attack remain vague, and it’s unclear how The Guardian’s systems were compromised, whether data was stolen or whether it received a ransom demand. Ransomware actors typically exfiltrate then threaten to publish a victim’s personal data unless a ransom demand is paid.
It’s also unclear who is behind the attack, and the incident doesn’t yet appear to have been claimed by any major ransomware group.
When reached by email, a spokesperson for The Guardian — who declined to provide their name — would not answer TechCrunch’s questions.
News organizations have become regular targets for cyberattacks. In September, hackers breached the internal systems of U.S. business publication Fast Company to send offensive push notifications to Apple News users.
The New York Post also confirmed that it was hacked in October. However, the company later claimed that a rogue employee was to blame for the “unauthorized conduct,” but declined to say what evidence the newspaper had to show that the employee was to blame.