A cyberattack on the well-known news outlet The Washington Post has compromised the email accounts of several of its journalists, with some evidence suggesting the breach may have been carried out by a foreign government, The Wall Street Journal reported.
According to an internal memo cited by the WSJ, Washington Post Executive Editor Matt Murray informed staff that the breach was discovered on Thursday and that a formal investigation is underway. The attack reportedly targeted journalists’ Microsoft accounts, potentially granting unauthorized access to sensitive work emails.
Sources familiar with the matter told the WSJ that reporters on the national security and economic policy teams, some of whom cover China, were among those affected.
The Washington Post has not yet issued a public statement or responded to requests for comment.
The incident follows a similar 2022 breach at News Corp, which owns the Wall Street Journal, where hackers compromised the email accounts of multiple journalists.
A recent Citizen Lab’s investigation revealed that at least two prominent European journalists were targeted by the Graphite spyware in early 2025. The spyware exploited a then-unknown zero-day vulnerability (CVE-2025-43200) in iOS 18.2.1, delivered via iMessage without any user interaction. The threat actor used an account, named in the research as ‘ATTACKER1,’ to send malicious messages that exploited CVE-2025-43200 for remote code execution. The vulnerability was patched in iOS 18.3.1 on February 10.
