Skip to main content

June 13, 2025

Foreign hackers compromise Washington Post security reporters

Krdo
CNN Newsource
CNN
Kipp Jones
The Washington Post
+2

Foreign hackers compromise national security reporter emails before publication

Chinese state-sponsored hackers compromised Microsoft email accounts of Washington Post reporters covering national security and China on Jun. 12, 2025.

Mandiant cybersecurity firm attributed the attack to actors with a China nexus involved in espionage to benefit Chinese interests.

The breach specifically targeted journalists covering sensitive foreign affairs beats, including investigations into Chinese global influence and intelligence operations.

Executive Editor Matt Murray ordered immediate credential resets for all employees and notified affected journalists.

The attack used techniques consistent with APT31, a Chinese Ministry of State Security-linked group that sent over 10,000 malicious emails impersonating media outlets since 2010.

Salt Typhoon, a related Chinese hacking operation, compromised at least nine major U.S. telecom providers in what experts call the most significant cyber espionage campaign in history.

CISA recommends highly targeted individuals including journalists use end-to-end encrypted tools like Signal due to ongoing Chinese surveillance threats.

🔒Digital Rights🛡️National SecurityCivil Rights📰Media Literacy

Test Your Knowledge

10
Q1

On what date did the Washington Post discover the cyberattack on its journalists?

Q2

The Washington Post reset login credentials for all employees following the discovery.

Q3

Which major news organization was previously targeted by suspected Chinese hackers in a multi-year campaign?

Q4

Name the Washington Post Executive Editor who sent the internal memo about the cyberattack.

Q5

What historical precedent shows how cyber surveillance compromised Chinese sources?

5 more questions available

Upgrade to Premium to access all practice questions and unlock advanced quiz features.

Upgrade to Premium

These questions are part of the Foreign hackers compromise Washington Post security reporters topic. Master this topic by completing the quiz or exploring each question in detail.

Ready to test your knowledge?

Take the full quiz to master this topic and track your progress.

Start Quiz

People, bills, and sources

Matt Murray

Washington Post Executive Editor

David Wong

Mandiant Vice President of Consulting

Sen. Mark Warner

Sen. Mark Warner

Senate Intelligence Committee Chair

Yin Kecheng

Shanghai-based cyber actor

Michael Kratsios

Office of Science and Technology Policy Director

Jen Easterly

CISA Director (until Jan. 2025)

Joe McReynolds

Jamestown Foundation China Security Fellow

What you can do

1

Track cybersecurity oversight hearings on congress.gov by searching for CISA and DOJ testimony about state-sponsored hacking threats.

2

Review CISA advisories at cisa.gov/news-events for recommended security practices against state-sponsored threats targeting journalists and officials.

3

Contact your U.S. representatives to advocate for defensive cyber capabilities and journalist protection measures through the House and Senate Intelligence Committees.

4

Follow DOJ press releases at justice.gov/news for indictments and sanctions against foreign hackers targeting American institutions.

5

Use end-to-end encrypted communications like Signal when contacting journalists or advocacy organizations about sensitive matters.

6

Monitor Treasury Department sanctions at home.treasury.gov/news to track actions against state-sponsored cyber actors and affiliated entities.