Amedia, a Norwegian print house, is the latest victim of cyberattacks that the company has termed an apparent “severe” cyberattack.
The attack took place in the wee hours of Monday night, waking up to Tuesday 28th, and details of the system breach scope are still unknown.
The attacker left a ransom note that Amedia has since forwarded to the police investigating the incident.
As of this writing, Amedia has taken the required precautions to control and minimize harm and is now working to reestablish operations.
It is uncertain if ransomware was or wasn’t a factor in the cyberattack.
Printing Stalled as the Cyberattack Infiltrated Print and Subscription Systems
You did not receive your Wednesday papers because the cyberattack has resulted in a temporary shutdown of Amedia’s systems, including online subscription and purchase of ads.
Amedia prints 90 plus newspapers and other publications for Norwegians and regional readership. It also owns a news agency.
Due to the intrusion, marketers and subscribers alike cannot place new ad orders or cancel existing subscriptions.
Printing and physical publishing have been severely affected. However, the massive print house states that it is looking into alternative production sources to ensure its customers still get their papers by Friday.
Today Thursday, about twenty newspapers will print their paper newspapers using alternative methods. Whereas other newspapers are still unable to do so, it is hoped that the solution will be available to everyone soonest.
Personal Data Compromised
It’s still unclear whether personal information regarding subscribers and staff was taken or compromised during the attack, at least for now. On the other hand, the media giant assumes that data has been compromised and is preparing to contact those affected.
The user data impacted by the subscription systems breach were user contact details, home addresses, subscription form particulars, and subscribers’ history. Passwords, viewers’ readership records, and payment information were unaffected by the event.
Amedia, in their press releases, reiterated that there is currently no evidence that this information has been misused.
Amedia assured us that they were working to understand better how hackers might have used this information.
As the investigations continue, employees and others who may be affected by the situation will be given additional information.
Measures Undertaken and Police Involvement
On Wednesday, Amedia published a press release in which it stated that all of the company’s employees had been informed of the current situation. A follow-up news statement to update all relevant stakeholders was intended to be delivered today, Thursday.
In the early hours of Tuesday, a representative from Amedia submitted a police report and, at the same time, issued a thorough declaration to the agency in charge of data protection regarding the suspected breach of personal data confidentiality.
A team of crisis managers has been assembled to deal with the current crisis. Presently, the most pressing issues are the production of paper newspapers and the collection of potentially lost data, including personal information about employees and contact information for clients, which is very sensitive.
As of now, Amedia has no idea who is responsible.
Amedia received a ransom note from the hacker, instructing them to visit a website for instructions on how to regain access to the systems from which they have been exiled. However, the gigantic print house stated that they had no intention of exploiting this or paying a ransom to the attackers.
Amedia has since reported the incident to the authorities and mailed the Norwegian law officers the ransom note. This information will be incorporated into the investigation and their efforts to ascertain who is responsible.
The police have considerable experience with these types of incidents, and it is hoped that the culprits will be identified and brought to book.
Cyberattacks on companies have been on the rise, and IT teams have to safeguard their systems and ensure proper backups are available should they be infiltrated.
Source : HackerCombat