Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate

The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso.

The Lapsus$ ransomware gang has compromised the infrastructure of Impresa, the largest media conglomerate in Portugal. Impresa owns SIC TV channel, and Expresso newspaper, among other leading media, like several magazine publications.

The attack took place during the New Year holiday, the websites of the Impresa group, the SIC TV channels, and the Expresso were forced offline.

The Lapsus$ ransomware group defaced all the sites publishing a ransom note that claims that they had access to Impresa’s Amazon Web Services account.

The attack did not impact radio and cable TV broadcasts, while SIC’s internet streaming transmission was interrupted.

At this time the websites of the company are in maintenance mode.

According to TheRecord, while Impresa claims to have regained control over its Amazon account, in turn, the ransomware gang tweeted from Expresso’s verified Twitter account demonstrating to have access to its infrastructure.

Early this month, the ransomware gang hit the websites under Brazil’s Ministry of Health (MoH) causing the unavailability of COVID-19 vaccination data of millions of citizens.

The gang also targeted the South American telecommunication providers Claro and Embratel.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Lapsus$ ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]