American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware assault that took down dwell TV and radio broadcast streams in June 2021.
The corporate acknowledged the assault in data breach notification letters despatched as we speak by way of U.S. Mail to over 800 impacted people believed to have had their private data uncovered within the assault. The group first knowledgeable probably affected people of the incident by way of e-mail on July 30.
“On June 3, 2021, CMG skilled a ransomware incident wherein a small proportion of servers in its community had been encrypted by a malicious menace actor,” the broadcasting firm mentioned.
“CMG found the incident on the identical day, when CMG noticed that sure information had been encrypted and inaccessible.”
Private information uncovered, however not stolen
Cox Media Group instantly took down methods offline after the assault was detected and reported the incident to the FBI after beginning an investigation with the assistance of exterior cybersecurity specialists.
The media firm discovered proof that the attackers harvested private information saved on the breached methods. Whereas additionally they tried to exfiltrate this information outdoors of CMG’s community, there isn’t a proof that they had been profitable of their try.
CMG discovered no proof of id theft, fraud, or monetary losses impacting probably affected people stemming from this incident for the reason that June ransomware assault.
Private data uncovered in the course of the assault contains names, addresses, Social Safety numbers, monetary account numbers, medical health insurance data, medical health insurance coverage numbers, medical situation data, medical analysis data, and on-line consumer credentials, saved for human useful resource administration functions.
Ransom demand ignored
“CMG didn’t pay a ransom or present any funds to the menace actor on account of this incident. There was no noticed malicious exercise in CMG’s atmosphere since June 3, 2021,” CMG added.
The corporate has additionally taken a number of steps to enhance its methods’ safety for the reason that incident to detect and block keep away from additional breach makes an attempt.
“These steps embody multi-factor authentication protocols, performing an enterprise-wide password reset, deploying extra endpoint detection software program, reimaging all finish consumer units, and rebuilding clear networks,” CMG defined.
CMG is a broadcasting, publishing, and digital media companies firm created by merging Cox Newspapers, Cox Radio, and Cox Tv in 2008.
Its operations embody 33 tv stations (together with main associates of ABC, CBS, FOX, NBC, and MyNetworkTV), 65 radio stations, in addition to greater than 100 information retailers.
Cox Media Group has not but returned a request for remark made by BleepingComputer in June, proper after the assault.