Portugal-based media company Impresa has hit the news headlines for becoming a victim to a ransomware attack. And sources state that the publishing company was hit by a ransomware group named Lapsus$.
Not much is known about Lapsus$ ransomware group. However, information is in that the said hacking group targeted the servers of the publishing company to an extent that it impacted Impresa website, Expresso and SIC websites to the core.
Cybersecurity Insiders has learnt from its sources that Lapsus$ is demanding a affectedof $5 million which when unpaid could lead to serious consequences such as the stolen data being sold to the hackers or information leaking out to the company’s partners and customers.
Usually, almost all ransomware gangs these days are equipped with abilities to steal data at first and then encrypt the database until a ransom is paid. Lapsus$ is one such group that is into such data extortion tactics, along with the potential to wipe of the data on the backup servers if the victim cannot pay ransom for any reason.
Meanwhile, the IT staff of the media giant are working 24×7 to recover from the incident and are in no mood to entertain the demands of the hackers.
Note 1- Paying a ransom is not a solution in such situations as it not only encourages crime but also doesn’t guaranty a decryption key for sure in return.
Note 2- Brazil’s health ministry also became a victim of the same hacking group’s ransomware attack disrupting the vaccination program undertaken by the government to a certain extent.
Note 3- Lapsus$ hackers argue that they have gained access to Impresa’s Amazon Web Services account in the attack and so might have access to troves of publishing data related to the Portuguese Media Group.