The Post and Courier: Targeted by BlackSuit Ransomware Attack

Incident Date:

April 15, 2024

World map

Overview

Title

The Post and Courier: Targeted by BlackSuit Ransomware Attack

Victim

The Post and Courier

Attacker

Black Suit

Location

Charleston, USA

South Carolina, USA

First Reported

April 15, 2024

Ransomware Attack on The Post and Courier by BlackSuit Group

Attack Overview

South Carolina's largest newspaper, The Post and Courier, recently fell victim to a significant cyberattack by the ransomware group BlackSuit. This attack resulted in the exfiltration of approximately 500GB of sensitive data from the network of Evening Post Industries, which owns the newspaper. The breach affected multiple affiliated entities and exposed a wide range of data including personal, financial, and business information.

Details of the Breach

The BlackSuit group infiltrated The Post and Courier's network and remained undetected for over two weeks. The data compromised includes employee and customer personal data, financial records, and internal communications among other sensitive information. Following the refusal of ransom payment by Mr. Manigault, owner of Evening Post Industries, the attackers made the data publicly available, urging its widespread use.

About The Post and Courier

The Post and Courier, headquartered in Charleston, South Carolina, is the principal newspaper of the region with a history dating back to the early 19th century. As the largest newspaper in the state, it plays a crucial role in the media landscape of South Carolina. The newspaper is part of Evening Post Industries, a conglomerate that also manages other businesses such as book publishing and timberland management.

Impact on The Post and Courier

The breach not only threatens the privacy of thousands of individuals but also jeopardizes the integrity and reputation of The Post and Courier along with its parent and affiliated companies. The extensive nature of the leaked data could lead to significant financial and legal repercussions for the involved parties.

Vulnerabilities and Threat Exposure

The scale of operations and the extensive digital footprint of The Post and Courier make it an attractive target for cybercriminals. The integration of multiple business units under the Evening Post Industries umbrella increases the potential attack surface, making it imperative for the organization to employ furtherly effective cybersecurity protocols.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.