Hacker attack on Washington Post: Dangerous security hole discovered!

Hacker attack on Washington Post: Dangerous security hole discovered!

On June 15, 2025, The Washington Post was the target of a serious hacker attack, possibly carried out by a foreign state. This was reported by The Washington Post, in line with information from The Wall Street Journal (WSJ), which suggested that the hackers used compromised Microsoft user accounts of journalists working on sensitive topics such as national security, economic policy and China. Employees of the Washington Post were informed internally that the attack also made it possible to access work emails.

Editor-in-Chief Matt Murray informed the team that the attack was discovered on Thursday and that an investigation was subsequently launched. The Washington Post initially had no public comment on the incident. The paper belongs to Jeff Bezos, the founder of Amazon, and thus consolidates the importance of the journalists concerned in global discourse.

Vulnerabilities at Microsoft and the global context

In addition to the events at The Washington Post, Microsoft has identified new security vulnerabilities in its Exchange cloud software. These vulnerabilities have allowed hackers to break into the accounts of tens of thousands of users. It is estimated that over 250,000 accounts worldwide could be affected, and more than 60,000 email servers, both corporate and government, are affected. 30,000 hacked email systems have already been reported in the USA.

The attack has become a global crisis, with the attackers, believed to be part of the Hafnium hacking group, initially carrying out targeted attacks. Subsequently, automated attacks were launched on the email servers mentioned. Microsoft then released a security update, but it must be installed manually.

German companies are particularly affected by the attack because they often operate their Exchange servers locally. The Federal Office for Information Security has called on German users to act quickly to minimize potential damage. The vulnerabilities were exploited by suspected Chinese hackers who targeted information in the US, particularly in the research, academic, law firm and defense contracting sectors.

It is expected that the ongoing attacks may lead to further data leaks and possible extortion in the coming months. The affected versions of Exchange servers are 2013, 2016 and 2019; Cloud versions should not be affected by this security vulnerability.

The scale of the incidents reflects increasing cybersecurity challenges. Both The Washington Post and Microsoft face the need to review and strengthen their security protocols to better protect against future attacks.

For more information on developments in the Washington Post hack, read the report TradingView. Information about the Microsoft security vulnerabilities is available at star.