The Philadelphia Inquirer notified the FBI of a cyber-incident that disrupted its operations just two days prior to the primary elections in the City Of Brotherly Love.
The Inquirer’s publisher Lisa Hughes said that they appreciated everyone’s patience as they worked to restore all systems and finish this investigation as quickly as possible.
Hughes added, “We will inform our employees and readers as we learn more.”
As the outlet called it, the “apparent cyberattack” left the Philadelphia Inquirer without the ability to print its regular Sunday newspaper. Although its online publication continued, these operations were “sometimes faster than normal.”
The paper said that employees will be prohibited from entering the offices of the publication until at least Tuesday due to the incident.
The Inquirer stated that this disruption, which seemed to be major, would not impact its coverage of the Philadelphia primary elections on Tuesday 2023. Jonathan Lai wrote a piece Monday afternoon that addressed the Inquirer’s coverage of election night. The incident was not mentioned in the article. The mayoral race, city council races, and row offices as well as judicial seats all come into play.
The Inquirer’s publisher Lisa Hughes did not provide a timeline for restoration. She also failed to respond to questions from the outlet, such as who was responsible, what systems were compromised, and if anyone had been targeted.
The paper hired Kroll, a security firm, to investigate the attack. The paper reported that Cynet, a company-contract security vendor, alerted them to suspicious activity on Thursday. The weekend staff of the paper was reportedly unable to access its content management system on Saturday morning.
“Depending on who’s got access, and what kind of access they have and what they do with it, you can go a lot of different ways,” Runa Sandvik, a computer security expert, and researcher who specializes in digital security for journalists, told the Inquirer.
Sandvik told the outlet that “hardening their defenses” is important for all news organizations.
According to the newspaper, multi-factor authentication is not implemented for most of its key systems. This practice has been identified as the best one by Sandvik and security experts.
