Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The largest owner of radio stations in the US has disclosed a cyber attack that led to personal data being exposed.
iHeartMedia is the largest audio company in the US, with over 850 radio stations across the US and Canada. Its iHeartRadio service allows users to stream live radio, music and podcasts, and its SiriusXM satellite radio service offers largely ad-free listening nationwide.
In a statement to CyberNews, iHeartMedia revealed it had suffered a cyber attack in December that had been “fully addressed” within the same week.
However, it said its investigation went until 11 April, through which unauthorised actors accessed and exfiltrated data, including personal data stored on systems at “a small number” of local stations.
Data reportedly included Social Security numbers, driver’s license numbers, passport numbers, state ID card numbers, tax ID numbers, financial account numbers and payment card numbers.
“As soon as iHeart became aware, it immediately implemented its response protocols, took measures to contain the activity, and launched an investigation,” the company said.
“Additionally, a cyber security firm that has assisted other companies in similar situations was engaged, and iHeart notified law enforcement.”
iHeartMedia said it began notifying its customers of the incident on 30 April, but it did not disclose how many were affected by the incident.
According to the notice, the breach affected users in Maryland, New York, New Mexico and North Carolina, as well as one user in Rhode Island.
Additionally, the Office of the Maine Attorney General disclosed that three individuals were affected.
It is currently unclear if the data has been listed for sale or if a ransomware incident has occurred. Additionally, no threat actors have publicly claimed responsibility for the attack based on investigations by Cyber Daily.
Be the first to hear the latest developments in the cyber industry.
