USA Today owner Gannett hit by phishing attack, nearly 18000 employees' accounts possibly compromised

Gannett, which owns more than 100 newspapers across the US, including USA Today, has been hit with an email phishing attack, potentially compromising the accounts of nearly 18,000 current and former employees. The media company said hackers may have accessed employees' personal data after several people in its human resources department became victims of a malicious phishing attack.

On 30 March, Gannett discovered that hackers had accessed the email accounts of multiple HR staff members and managed to send phishing emails as well. The cyberattack was investigated by the company's cybersecurity team.

The breach was discovered after the attacker unsuccessfully attempted to use a hijacked account to fraudulently wire transfer corporate money. Gannett's finance team quickly identified the request as suspicious
Gannett warned that employees' dates of birth, bank account information, Social Security numbers, salary, benefits, work history and insurance policy information could have been exposed in the breach.

The company said there was currently no evidence to suggest that sensitive personal information was taken, the Associated Press reports. It added that no customer account information was affected by the phishing attack.

Gannett said it had notified federal law enforcement and will inform the 18,000 employees about the cyberattack via the US Postal Service. Current and former employees will also be offered free credit monitoring service since their data was potentially available through some of the affected employees' account login credentials before they were locked down.

Some employees took to social media to post photos of the letters received.

The hacking incident comes shortly after it was revealed that Google and Facebook were also victims of a massive phishing scam. A Fortune investigation found that the tech giants were duped into transferring over $100m (£77.3m) in payments to Lithuanian hacker Evaldas Rimasauskas' bank account overseas from 2013 to 2015.

According to Verizon's 2017 Data Breach Investigations Report, hackers are increasingly turning to phishing techniques to extort millions from both individuals and companies around the world. Phishing was found to be the most common social tactic used by attackers with 43% of data breaches utilised phishing in both cyberespionage and financially motivated cyberattacks.