cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

The Guardian hit by possible ransomware attack; personal data may have been exposed

Global news organisation The Guardian announced that it suffered a possible ransomware attack overnight, which has caused considerable disruption to the company.

user iconReporter
Thu, 22 Dec 2022
The Guardian hit by possible ransomware attack; personal data may have been exposed
expand image

At the moment, it looks like online publishing — including in Australia — is largely unaffected by the attack. The incident began on Tuesday night, UK time, and has affected some technology infrastructure, and some behind-the-scenes services. Staff have also been told to work from home following the attack.

While online operations seem unaffected, the printing of the company’s daily editions may be affected, though The Guardian is confident they’ll meet press deadlines.

“As everyone knows, there has been a serious incident which has affected our IT network and systems in the last 24 hours. We believe this to be a ransomware attack but are continuing to consider all possibilities,” Guardian Media Group chief executive Anna Bateson and editor-in-chief Katharine Viner said in a statement, which was also published online.


“We are continuing to publish globally to our website and apps and although some of our internal systems are affected, we are confident we will be able to publish in print tomorrow. Our technology teams have been working to deal with all aspects of this incident, with the vast majority of our staff able to work from home as we did during the pandemic.

“We will continue to keep our staff and anyone else affected informed. We will update everyone again at the end of the day. With a few key exceptions, we would like everyone to work from home for the remainder of the week unless we notify you otherwise.”

We’ve reached out to The Guardian Australia for comment on any effect the attack may have on Australian operations, though as of writing, its website does in fact seem unaffected.


As of the 5th of January 2023, The Guardian's UK print operations and some other infrastructure remains affected by the hack, and The Guardian has informed the UK’s Information Commissioner’s Office (ICO), which suggests the possibility that some personal data may have been breached during the attack. Employees in the UK, Australia, and the US have been directed to work from home until at least 23 January.

Speaking to The Record, an ICO spokesman said, “Guardian News & Media has made us aware of an incident and we are making enquiries.”

No suspect has yet come forward, and since the investigation is ongoing, The Guardian is keeping the details of the attack very quiet.

“We have been able to keep publishing our journalism digitally and in print, but a number of key IT systems have been affected,” a spokesperson told The Register. “The work to restore our systems fully is ongoing and will take some weeks. We have asked most staff to work from home for the next three weeks to allow our technical teams to focus on essential technical work.”

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.