This post was first published on 22 December 2022.
Update 4 January 2023
The story has moved on and The Guardian has contacted the Information Commissioner’s Office (ICO) to report the breach. Staff are still being told to work from home. No information about what data may have been impacted has been released yet.
The Guardian ransomware attack hits week two as staff WFH • The Register
Original Post
I have a trusted list of sources I use for the the research for Smart Thinking and the UK’s Guardian newspaper is one of them – and today they are the cyber security story:
Guardian hit by serious IT incident believed to be ransomware attack – The Guardian
The attack has had a serious impact on the news company’s technical infrastructure and as part of their incident response plan staff are working from home whilst the issues are sorted. Online publishing has not be affected and they are confident the Thursday paper edition will be printed.
There has been little comment yet on what information has been compromised, if it was subscriber PII or whether any sensitive data has been exfiltrated from the organisation.
The working from home response is a good one for a cyber attack – possibly you should add it to your incident response plan, if it is not there already.
You do have an incident response plan? If not may be Santa will bring you one, or you could make a New Year’s resolution to write one in 2023. Or we could help…
Clive Catton MSc (Cyber Security) – by-line and other articles
Please Note:
I am on leave so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.
