After being hacked over the weekend, websites of one of Portugal’s leading newspapers and a major broadcaster, both owned by the country’s largest media giant Impresa, were down on Monday. Both the Expresso newspaper and the SIC TV station claimed they had reported the incident to the PJ criminal investigation police agency and the National Cybersecurity Centre (CNCS) and planned to submit a complaint.
The suspected hackers, who go by the name Lapsus$ Group, posted a message on the websites threatening to reveal internal data unless the media company paid a ransom. E-mail and Telegram contact information was mentioned in the message. A request for comment from Reuters was not immediately returned.
Lapsus$ also sent a phishing e-mail to Expresso subscribers and tweeted using the newspaper’s official Twitter account, claiming to have gotten access to Impresa’s Amazon Web Services account. Last month, the same organization reportedly attacked Brazil’s health ministry website, shutting down multiple systems, including one that contained information about the country’s immunization program and another that issued digital vaccination certificates.
Lino Santos, the CNCS’s coordinator, informed the Observador newspaper that this was the group’s first strike in the country. Expresso and SIC’s websites have been down since Sunday, with a statement stating that they are “temporarily unavailable” as a result of the attack and that they would be back “as soon as possible.”
Meanwhile, both media outlets are sharing news stories on their social media platforms. They defined it as an “unprecedented attack on press freedom in the digital age.”
