The Guardian contacts data protection regulator after suspected ransomware incident
The Guardian's headquarters in London. Image: Wikimedia Commons
Alexander Martin January 3, 2023

The Guardian contacts data protection regulator after suspected ransomware incident

Alexander Martin

January 3, 2023

The Guardian contacts data protection regulator after suspected ransomware incident

The Guardian newspaper has contacted the United Kingdom’s data protection regulator following a suspected ransomware attack on December 20.

It is not currently known what, if any, personal data the attackers accessed from the 200-year-old news organization.

Under data protection regulations in the U.K., organizations must contact the Information Commissioner’s Office (ICO) to report personal data breaches when they lose timely access to data, even if it is not obtained by a third party.

Organizations are required to notify the ICO of a breach “without undue delay and no later than 72 hours after having become aware of it,” according to the regulator’s guidance around ransomware incidents. 

A spokesperson for the ICO told The Record: “Guardian News and Media has made us aware of an incident and we are making enquiries.”

Despite the significant impact on some of the company’s key networks — including those controlling the building’s WiFi — The Guardian and The Observer newspapers have continued to be published both online and in print.

Staff in the U.K., United States, and Australia have been asked to work from home, as they did during the COVID-19 pandemic, until at least January 23.

Considered one of the U.K.’s papers of record, and its most prominent liberal leaning newspaper, the Guardian has a print circulation of around 100,000, and reaches tens of millions of people online.

A spokesperson for the outlet told The Record: “As we previously announced, the Guardian’s systems have been subject to a serious network disruption. We have been able to keep publishing our journalism digitally and in print, but a number of key IT systems have been affected.

“The work to restore our systems fully is ongoing and will take some weeks. We have asked most staff to work from home for the next three weeks to allow our technical teams to focus on essential technical work,” they added.

The newspaper is understood to not have sought assistance from the National Cyber Security Centre, a part of GCHQ. Back in 2014, technicians from GCHQ attended the newspaper’s offices to oversee editors destroying computers that had been used to store classified documents leaked by Edward Snowden.

The Guardian was, alongside the Washington Post, awarded the Pulitzer Prize for public service for its reporting on those documents.

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.