Cyber Incident Victim: The Fulcrum
Date:
Jun 2019
Location:
Canada
Summary
A student newspaper at the University of Ottawa experienced a malicious cyberattack in which its entire website content was deleted, including articles spanning over a decade of digital archives. The attackers replaced the site with a single derogatory post referencing "anti-union" sentiments and declaring the publication "cancelled." While historical content remained accessible through third-party archives, the primary website's data loss was mitigated by a recent backup that limited permanent damage to approximately one week of new material. The incident was characterized by editorial staff as an attack on student journalism, impacting numerous contributors whose work had been hosted on the platform. Investigations were initiated to identify those responsible for the unauthorized access and content destruction.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 30, 2019, the University of Ottawa’s English-language student newspaper, The Fulcrum, experienced a cyberattack resulting in the deletion of its entire online content. The incident occurred overnight, with editor-in-chief Matt Gergyek discovering the compromise around 1:30 a.m. upon finding a single unauthorized post replacing all website material. The post’s headline read "Anti-union RAG gets entire website deleted," attributed to an author pseudonymously named "She who must not be named," and contained the message "UOttawa student news-rag The Fulcrum has been cancelled. Bye-bye." The attack erased thousands of articles spanning more than a decade, with content dating back to at least 2006 and most posts remaining searchable from 2010 onward. Gergyek characterized the incident as an attack on student journalism, emphasizing the loss’s emotional impact on current and former contributors whose work had been preserved on the platform.
The Fulcrum’s hosting company confirmed the existence of a backup from June 23, 2019, limiting permanent data loss to approximately one week’s worth of content. Historical articles remained accessible through an online internet archive, mitigating some archival damage. Gergyek initiated contact with the hosting provider to address the breach and expressed intent to identify those responsible. No technical details regarding the attack vector or perpetrator identification were disclosed in available reports. The incident highlighted vulnerabilities in student media infrastructure and the broader implications of digital content preservation, particularly for institutional memory spanning multiple student generations. Operational recovery efforts focused on restoring the backup while assessing long-term security measures.