The Tampa Bay Times is the latest victim of a ransomware attack. The popular U.S.-based news organization reported that attackers infiltrated its computer systems with Ryuk ransomware. The exact number of devices affected in the incident is unknown. However, the company clarified that the attack didn’t compromise any of its or its customers’ information.
According to a report from Malwarebytes Labs, the Tampa Bay Times did not respond to the attackers and refused to pay any ransom. The company stated that it is in the process of removing the ransomware and restoring its affected systems via backup files.
Ransomware Attacks on News Agencies
Ryuk ransomware affected several newspapers/news agencies in the U.S.last year. In Los Angeles, San Diego Union-Tribune, The Wall Street Journal, Los Angeles Times, The New York Times (West Coast Editions), and several Tribune Publishing newspapers faced printing and delivery issues after they suffered a ransomware attack.
The Chicago Tribune reported that its publishing and printing systems were affected in the attack. The publisher stated that its print edition was published without paid classified ads and death notices, due to the attack. However, the company clarified that no customer and financial information was leaked.
Tribune Publishing spokeswoman, Marisa Kollias, said, “This issue has affected the timeliness and, in some cases, the completeness of our printed newspapers. Our websites and mobile applications, however, have not been impacted. There is no evidence that customer credit card information or personally identifiable information has been compromised.”
Ryuk in the News
In a related development, the officials of the U.S. Coast Guard (USCG) recently disclosed a Ryuk ransomware infection that had taken down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility for more than 30 hours. According to the USCG officials, the ransomware interrupted the camera and physical access control systems. It’s believed that a malicious email sent to one of the maritime facility’s employees was the entry point for the ransomware infection.
The ransomware corrupted the enterprise IT network files, encrypted them, and prevented the facility’s access to critical files. The officials stated that the incident affected the facility’s IT network and industrial control systems that monitor and control cargo transfer operations.