Nearly a year ago, Bloomberg reported that China had penetrated the U.S. high-tech infrastructure via a hardware hack affecting some brand-name companies including Apple and Amazon Web Services, as well as prominent server-maker Supermicro. The “Big Hack,” however, sustained denials from the companies themselves, top government officials and cybersecurity experts. Apple chief executive Tim Cook called for a retraction. (Amazon founder Jeff Bezos is the owner of the Washington Post).
Responding to setback after setback, Bloomberg issued the same statement: “We stand by our story and are confident in our reporting and sources.”
Now we know that Bloomberg’s external show of confidence matches its internal thinking. In a memo to staff on Monday, Bloomberg News Editor in Chief John Micklethwait announced that Michael Riley — the second co-byline on “The Big Hack” along with Jordan Robertson — would be taking on the expanded role of cybersecurity czar at the news outlet. The team, writes Micklethwait, will “write about the various attempts to hack companies, governments and elections, as well as the thriving marketplace for cybersecurity tools, both legal and otherwise. But it is also intended to be a resource for the whole newsroom: if there is a cyber-incident in your coverage area, call our team.” Riley, notes the memo, will work alongside team leader Andy Martin*; Micklethwait’s memo addresses not only Riley’s promotion but a number of other personnel and organizations changes as well.
Following the initial denials of the reporting behind the “Big Hack,” reporters at Bloomberg continued to report the details of the original story, which alleged that about 30 mostly unnamed companies were affected by the hack. “My colleagues’ story from last month (Super Micro) has sparked a lot of pushback,” wrote a Bloomberg reporter to a prospective source at Apple several weeks after the “Big Hack” hit the Internet. “I’ve been asked to join the research effort here to do more digging on this … and I would value hearing your thoughts (whatever they may be) and guidance, as I get my bearings.”
It is unclear what, if anything, resulted from those efforts.
Bloomberg brushed aside the objections to the story’s integrity, entering “The Big Hack” for consideration in the National Magazine Awards. It didn’t secure recognition. It did, however, score what’s known as a “Pwnie,” a derisive “award” handed out at the BlackHat USA security conference. “This was definitely the computer security story of the year, maybe the decade, except for one small detail,” notes the “Pwnie” write-up. “It seems it was all bull[----].”
“The Big Hack” suffers from something of a time bind: If Bloomberg was on the mark with its claim that about 30 companies were affected by the hack, it stands to reason that further details of this wide-ranging intrusion would surface sooner or later. The Erik Wemple Blog asked Bloomberg if it is aware of any developments on that front. A Bloomberg spokesperson declined to comment.
*Correction: A previous version said incorrectly that Riley would report to Andy Martin.
Read more from Erik Wemple: