Philadelphia Inquirer unable to go to print due to ‘cyber incident’
The Philadelphia Inquirer announced on Saturday evening it had detected “anomalous activity” that would disrupt its publication of the Sunday print newspaper.
Elizabeth Hughes, the chief executive of The Inquirer’s publisher, said the activity impacted “select computer systems” that were immediately taken offline.
Hughes did not describe the nature of the anomalous activity, but the broadsheet’s report described it as a cyber incident.
The Philadelphia Inquirer, which was first published in 1829 and has won 20 Pulitzer Prizes, said the episode raised questions about the newspaper’s cybersecurity practices and revealed the company “does not require multi factor authentication for many of its key systems.”
Hughes said the business had invested in security following the COVID-19 pandemic’s drive to remote working, and that it conducts regular audits.
While an early edition of the Sunday newspaper that had been completed on Friday was circulated to home delivery customers, an updated edition was not sent to the printers.
Staff are not being allowed into The Inquirer's offices until after Tuesday, the newspaper reported, which risks impacting its coverage of the local mayoral elections.
Hughes said the company was "looking into coworking space" for Tuesday so that the newspaper's election night coverage wouldn't be affected.
The publisher has brought in cybersecurity company Kroll to provide incident response and forensics services, and has notified the FBI.
Hughes said the “anomalous activity” was first detected on Thursday “by Cynet, a vendor that manages our network security.”
Staff became aware of the incident on Saturday morning, when the weekend “skeleton crew” discovered they couldn’t access the newspaper’s content-management system.
“Within a few hours, workarounds were in place to allow news articles to be posted,” the paper reported.
Printing and deliveries resumed for Monday’s newspaper, said Hughes, but classifieds including death notices were being postponed “out of an abundance of caution” and wouldn’t appear in the paper until Wednesday.
It is not yet clear whether data belonging to customers or employees has been compromised. Hughes said investigations were ongoing, and that the company would "notify and support" anyone whose data may be affected by the incident.
Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.