Overview
- Proton and Constella Intelligence published a dark‑web scan on May 26, 2026 that found more than 116,000 exposures linked to employees at The New York Times, The Washington Post, and The Wall Street Journal, tied to over 35,000 email addresses.
- The dataset reportedly includes thousands of plaintext passwords and more than 61,000 pieces of personally identifiable information such as names, phone numbers, dates of birth, and addresses.
- Researchers say most leaks came from breaches of third‑party services that journalists used to register accounts, not from confirmed intrusions of newsroom systems.
- Proton said it shared the findings with the three outlets' chief technology officers and advised immediate steps including password changes, enterprise password managers, two‑factor authentication, and dark‑web monitoring.
- Repeated exposures make some staff persistently vulnerable: more than 2,500 addresses appeared in the dataset ten or more times, which raises short‑term risks of phishing, blackmail, harassment, and possible exposure of confidential sources.