Dow Jones & Co. disclosed that hackers had gained unauthorized entry to its systems, accessing contact information for current and former subscribers in order to send fraudulent solicitations.
The data breach potentially accessed payment card information for fewer than 3,500 individuals, said Dow Jones, a unit of News Corp and owner of The Wall Street Journal, MarketWatch and Barron's. The goal of the broader hack seems to have been to obtain contact information, Dow Jones said.
In a letter to customers on Friday, Dow Jones Chief Executive William Lewis said law-enforcement officials in late July informed the company that there may have been a breach. A company investigation with the help of a cybersecurity firm revealed the unauthorized access took place between August 2012 and July 2015.
Mr. Lewis said the data from the 3,500 individuals "could have been accessed, although we have discovered no direct evidence that information was stolen." The breach also was "likely part of a broader campaign involving a number of other victim companies," he said.
"It appears that the focus was to obtain contact information such as names, addresses, email addresses and phone numbers of current and former subscribers in order to send fraudulent solicitations," Mr. Lewis said.
Data breaches have become increasingly common among private companies and government organizations. Last year, 43% of the 567 executives surveyed by the Ponemon Institute said they experienced a data breach in the past year.
Breaches have been exposed at companies like Ashley Madison, the dating site aimed at people looking for extramarital affairs, where hackers obtained and released names and addresses. Retailers have been particularly hard hit, including high-profile breaches at Target Corp., where 40 million credit and debit card accounts were compromised, and Home Depot Inc., which experienced an even larger attack that may have compromised 56 million cards.
In the wake of its massive breach, the chief executive of Ashley Madison owner Avid Life Media Inc. has stepped down and the company has said it is cooperating with investigations from authorities.
Target and Home Depot have faced steep expenses related to their data breaches. Target has agreed to reimburse thousands of financial institutions millions of dollars for costs incurred from the 2013 data breach. Home Depot still faces ongoing lawsuits from banks and credit unions.
Dow Jones has sent letters to individuals whose financial information was potentially accessed and says it has taken steps to stop the hack. The investigation is ongoing, and Dow Jones is cooperating with law enforcement, the letter said.
Write to Steven Perlberg at firstname.lastname@example.org