Numerous sensitive data owned by more than 1,700 individuals have been compromised due to a security incident that struck the American-Canadian digital media and broadcasting firm Vice Media. Reports revealed that the attack began last year in March, with the investigations only to have been concluded this year.
The initial findings from a cybersecurity team showed that the unknown hackers had infiltrated the media firm’s internal email account. Due to the wide scope of the incident, it took Vice Media and its security team until January 25 this year to discover which data were involved and obtain the updated addresses for all affected victims.
Vice Media refused to share its reasons for only concluding investigations this year.
When asked about how it took nearly a year after the security investigations were only completed this year, the media firm declined to give their comments.
Nonetheless, Vice Media had sent out notification letters to the affected individuals of the attack, which covered important details they rightfully had to know about.
The media company shared in a filing last January 26 that exactly 1,724 individuals had their sensitive information exposed to hackers. In a second filing last January 31, the company revealed that these exposed sensitive data included people’s financial account numbers, credit and debit card numbers, security codes, passwords, access codes, and account PINs.
However, security analysts were baffled by the two filings released by the media firm since it is vague whether they are referencing a single cyberattack or different ones. The confusion originated from the first filing stating that the breach was detected on April 4, 2022, while the second stated it was detected on December 19, 2022.
The analysts look forward to the media firm addressing and clarifying the issue.
On the other hand, thousands of victimised individuals are offered a year of free credit, identity monitoring, and identity restoration services, with $1 million in identity theft insurance through Equifax.
Cybercriminal groups still eye media and news outlets as their targets since these companies hold critical intelligence and information they might find valuable for attacks. Numerous big media companies have been targeted, including Radio Free Asia, New York Post, Cox Media Group, The Wall Street Journal, and various PBS stations.