The Philadelphia Inquirer has confirmed that it had been attacked by the Cuba ransomware gang earlier this month but rejected the ransomware operation's claims that data posted on its leak site had been stolen from the publication, reports The Register.
"We have seen no evidence to date that any data related to The Inquirer has been shared online," said Inquirer Publisher and CEO Lisa Hughes, who declined to detail the extent of the ransomware attack amid ongoing investigation but noted that efforts to restore its systems are underway.
Data purported to be stolen from The Inquirer has since been removed by Cuba from its site but Emsisoft threat analyst Brett Callow noted that more time is needed to conclusively determine the reason behind the data delisting.
"Was Cuba scammed by a partner? Was this an intentional ploy to keep the company in the news cycle and under pressure without needing to weaken their negotiating position by releasing any data? Or did they upload the wrong company's data? It wouldn't be the first time a ransomware operation had done this," said Callow.
CNN reports that a potential compromise of the Department of Homeland Security's sensitive physical security details is being looked into by the department's senior officials following a ransomware attack against contractor and major building automation systems manufacturer Johnson Controls International.
Most organizations impacted by ransomware attacks have been noted by the FBI to be experiencing another intrusion involving a different ransomware variant within 48 hours of each other, BleepingComputer reports.