Hackers Hit Major Portuguese Media Group, Take Down Websites

One of Portugal’s leading media conglomerates said Thursday that a group calling itself “Lapsus$” hacked the company’s online services, taking down some of its most popular websites and contacting subscribers.

Grupo Impresa said the attack was aimed at disrupting the company’s services and sending fake news messages to subscribers, including one that said, “Breaking: President removed and accused of murder: Lapsus$ is Portugal’s new president.”

The company said in a statement that the hackers didn’t demand any payment.

The hackers gained access to the company’s Amazon Web Services account and sent emails and text messages to subscribers, the statement said.

The hackers accessed some subscriber information, but Impresa said it had no evidence they got hold of subscribers’ passwords or credit card details.

The attack occurred early on Jan. 2, the statement said. The company regained control of its cloud services later that day, though on Thursday two of its main websites — belonging to top weekly newspaper Expresso and TV channels run by its broadcaster S.I.C. — were still using temporary sites.

The incident is being investigated by Portuguese police and the country’s National Cybersecurity Center.