June 6, 2023
The Philadelphia Inquirer says ransomware operators lied when claiming they stole a trove of data in a cyberattack on the newspaper’s servers.The Cuba ransomware operation - said to be responsible for more than 100 cyberattacks that resulted in $60 million in extorted payments - claimed responsibility Tuesday for such an attack on The Philadelphia Inquirer.The…

The Philadelphia Inquirer says ransomware operators lied when claiming they stole a trove of data in a cyberattack on the newspaper’s servers.

The Cuba ransomware operation – said to be responsible for more than 100 cyberattacks that resulted in $60 million in extorted payments – claimed responsibility Tuesday for such an attack on The Philadelphia Inquirer.

The group alleged it had stolen financial documents, correspondence with bank employees, account movements, balance sheets, tax documents, compensation and source code, only to remove the announcement from its leak site the next day.

Elizabeth H. Hughes, the paper’s publisher and chief executive, said the company had seen no evidence that any information related to The Inquirer was actually shared online.

Hughes also declined to say whether the paper was asked to pay a ransom or whether hackers had been in contact with company management.

A number of reporters at the newspaper said they looked at the documents Cuba shared on the dark web and couldn’t identify any files as coming from within the company.

Interestingly, The Inquirer apparently was attacked earlier this month, disrupting production of an edition of the May 14 Sunday print newspaper, and leading management to take some systems offline while forensics experts investigated. The attack also prompted a temporary shutdown of the newsroom, but online publication continued as usual.

Hughes says the investigation is ongoing, including into whether staff information was impacted.

“Should we determine that any personal information was affected, we will notify and support those individuals,” the newspaper’s boss said. “We will provide updates to employees as additional information becomes available to be shared.”

The FBI’s Philadelphia division said it was aware of the cyberattack but declined to comment.

Source