Home News Lapsus$ Ransomware Targets Media Firms in Portugal

Lapsus$ Ransomware Targets Media Firms in Portugal

A new ransomware variant - Lapsus$ reportedly disrupted operations at Impresa, a popular media giant in Portugal. The ransomware affected its Expresso newspaper, TV channel SIC, and other Impresa-owned websites.

Lapsus$ Impresa, Amedia data breach

A few days into 2022, ransomware operators have already started targeting organizations with various extortion schemes. Security experts were alarmed about a novel ransomware variant – Lapsus$, disrupting operations of media firms in Portugal. The ransomware reportedly targeted Impresa, a popular media giant in Portugal. In an official release, the company confirmed that a “computer attack” affected operations of its Expresso newspaper, TV channel SIC, and other Impresa-owned websites. The suspected ransomware attack also compromised Impresa’s server infrastructure and Twitter account.

“The Expresso and SIC websites were temporarily unavailable, preventing access to all the information we produce day-by-day, hour-by-hour, minute-by-minute, telling what is happening in Portugal and in the world. Now, and while we make every effort to recover what is ours (what is yours), we have decided to create a temporary website, this one that is opening now, that will allow us to bring you our news again — the ones that we have been coming to publish only on Expresso’s social networks,” the release said.

Lapsus$ – The Culprit

The Lapsus$ group reportedly confirmed that it’s behind the attack. The group took credit by posting a ransom note on the affected systems. While Impresa stated that it regained control over the affected systems and sites, the ransomware group claimed it still has access to the company sites.

“We will give everything we have to not let you down on these important days in our history. We do this because today, as since the day it was born, the Expresso does not give up fighting for the rule of law. We are doing everything we can to re-deliver our exclusives, as well as to guarantee the delivery to newsstands of the next weekly edition of Expresso – also on paper, of course,” the release added.

Cyberattacks on Media Firms

Security incidents on media organizations have become prevalent in recent times. Amedia, a leading Norwegian media company, was exposed to a serious data breach resulting in the disruption of its services. In a news release, the company revealed that on the night of Tuesday, December 28, 2021, several of Amedia’s central computer systems were shut down. A significant data breach by third-party threat actors impacted Amedia’s central computer systems. The extent of the damage is yet to be ascertained, and the company has taken measures to contain the attack. Read More Here