Cox Media Group (CMG), which owns 57 TV and radio stations across 20 American markets, has formally announced that it was hit by a ransomware attack that crippled live TV and radio broadcast streams in June 2021.
The firm confirmed the assault in data breach notification letters sent last week via U.S. Mail to over 800 affected individuals whose private details were exposed in the attack. The media firm first informed potentially impacted individuals of the incident via email on July 30.
"On June 3, 2021, CMG experienced a ransomware incident in which a small percentage of servers in its network were encrypted by a malicious threat actor. CMG discovered the incident on the same day, when CMG observed that certain files were encrypted and inaccessible,” the broadcasting firm stated.
Private information leaked, but not stolen
Cox Media Group instantly took down programs offline after the attack was discovered and reported the incident to the FBI after launching an investigation with the help of exterior cybersecurity specialists.
The media company discovered proof that threat actors exfiltrated private details stored on the breached systems. While they also tried to exfiltrate this data outside of CMG's network, there is no evidence that they were successful in their attempt. Additionally, there was no evidence of identity theft, fraud, or financial losses impacting potentially affected individuals.
According to the breach notification letter, private details leaked during the assault include names, addresses, Social Security numbers, financial account numbers, health insurance information, health insurance policy numbers, medical condition information, medical diagnosis information, and online user credentials, stored for human resource management purposes.
"CMG did not pay a ransom or provide any funds to the threat actor as a result of this incident. There has been no observed malicious activity in CMG's environment since June 3, 2021," CMG added.
The corporate has additionally taken a number of steps to enhance its programs’ safety. "These steps include multi-factor authentication protocols, performing an enterprise-wide password reset, deploying additional endpoint detection software, reimaging all end-user devices, and rebuilding clean networks," CMG explained.
CMG is a broadcasting, publishing, and digital media services company created by the amalgamation of Cox Newspapers, Cox Radio, and Cox Television in 2008. Its operations embrace 33 tv stations (including main associates of ABC, CBS, FOX, NBC, and MyNetworkTV), 65 radio stations, as well as more than 100 news outlets.
