Impresa, the largest media conglomerate in Portugal and owners of Expresso newspaper and SIC TV channel, the country’s largest TV channel and weekly newspaper, is being held to ransom after ransomware gang Lapsus$ hacked its system.
The attack comes just days after Vice Society hacked a Norwegian media company Amedia AS, which publishes more than 70 newspapers. The attackers struck on Tuesday, December 28, and forced the company to shut off its presses.
The Impresa attack took place during the New Year holiday. It hit the websites of the group. SIC TV’s internet streaming transmission was also interrupted. The TV broadcasts are operating normally.
Expresso’s Twitter account was also hacked, resulting in a post fixed at the top of the page with the headline: “Lapsus$ is officially the new president of Portugal”.
The group left a message that included an email address and Telegram contact information on which they were to be contacted to discuss the terms of returning the data.
SIC and its other channels dominate the TV market in Portugal, while Expresso has the largest circulation numbers for weekly periodicals.
TheRecord reported that Lapsus$ took credit for the attack by defacing all Impresa sites with a ransom note. Besides a ransom request, the message claims that the group has gained access to Impresa’s Amazon Web Services account. Impresa appeared to have regained control over this account on Monday, when all the sites were put into maintenance mode.
However, the attackers immediately tweeted from Expresso’s verified Twitter account to show that they still had access to company resources.
In December, Lapsus$ had claimed to hit the websites under Brazil’s Ministry of Health (MoH) causing the unavailability of COVID-19 vaccination data of millions of citizens. The gang also targeted the South American telecommunication providers Claro and Embratel.
Worth a read: https://beta.edgemiddleeast.com/security/ransomware-set-to-soar-over-the-holiday-season
