Amedia, one of the largest media firms in Norway, announced on Tuesday that it fell victim to a cyberattack that forced it to shut down multiple computer systems.
The company publishes more than 70 newspapers for 2.5 million Norwegians and the attack prevented the firm from printing Wednesday’s edition of physical newspapers. The hack also impacted the company’s advertising and subscription systems, restricting advertisers from purchasing new ads and stopping subscribers from ordering or canceling subscriptions.
The company has not provided clarification on the extent of the breach. Hence, it remains unclear if subscribers’ and employees’ credentials and private details were compromised. The subscriber data contains names, addresses, phone numbers, and the subscription history of customers while employee data includes employment conditions/agreements, Social Security numbers, and salaries.
“We are in the process of gaining an overview of the situation, but do not yet know the full potential for damage. We have already implemented comprehensive measures to limit the damage and to restore normal operations as quickly as possible,” said Executive Vice President of Technology, Pål Nedregotten in a translated statement on the company’s website.
“Amedia now works on the basis that customer data can be compromised. If personal information has gone astray, those affected will be informed as soon as possible. This will apply to both customers and employees. In such a case, the Data Inspectorate will be notified of what has happened and how we work with mitigating measures,” Nedregotten added.
The company also did not mention the vulnerability exploited. A Twitter user who claims to be a security researcher from Norway says the attacker exploited CVE-2021-1675 - the PrintNighmare vulnerability - to gain initial access and for subsequent lateral movement.
The attack on Amedia is the third major Norwegian cyberattack reported over the last several days. Nortura, one of the country’s leading food producers, revealed on December 21 that it was forced to shut down its IT systems after suffering a cyberattack at multiple factories. The company said it is investigating the incident with help from the police, and that it is focusing on minimizing damage to systems and operations.