Hackers continue to wreak havoc across tech and media companies in the last months of 2023. In addition to other ransomware cases, CBS and Paramount's parent company, National Amusements. However, in this case, it might not count as "recent."
National Amusements Breach
The company only reported the attack this month, which affected 82,128 people. The weird thing is that the breach actually happened a year ago, around December 13th to 15th, 2022, and the company is only disclosing the incident now.
With the digital privacy law, the company was legally bound to report the breach, which it did so with Maine's Attorney General. 64 of the victims of the cyberattack were said to be residents of Maine, as reported by Engadget.
In the filing, it was revealed that the hackers might've stolen data like financial information like account, debit, and credit card numbers, along with the security codes, access codes, passwords, or PINs for the accounts.
The most affected by the breach may be the company's employees, given that National Amusement SVP of Human Resources filed the notice. Of course, this is merely what it implies and not an actual confirmation, especially with the numbers being what it is.
The letter says that the company was already aware of suspicious activity within its system back on December 15th, 2022, followed by saying that they "immediately took steps" to secure their network and minimize the disruption of their operations.
The notice from Maine's Attorney General also shows that the data breach was discovered on August 23rd this year, which means that there is an eight-month gap between the first time they noticed unusual activity versus the day they confirmed it.
No one can say for sure if they had taken action the moment they detected unauthorized activities, but the disclosure of the breach a couple of months later does not inspire confidence, nor does it fall under the category of "immediately."
Read Also: Sony is 'Currently Investigating' Alleged Insomniac Games Ransomware Hacking
Paramount Breach
Paramount has also suffered a cyberattack in recent months, as it also sent a notification letter to the affected individuals. Reported back in late August, the breach allowed hackers to gain access to personally identifiable information.
The company said in the letter that based on their investigation, the information that may have been stolen included names, dates of birth, Social Security numbers, and other government-issued identification numbers, as per Bleeping Computer.
Compared to the recently disclosed attack by National Amusements, Paramount's was relatively smaller as it only impacted less than 100 individuals. Paramount has hired a cybersecurity professional since then to investigate the attack on its system.
"We did investigate an incident where we learned that an unauthorized party accessed certain files from our systems. Upon discovery of the unauthorized activity, we took swift action to identify and address the incident," a spokesperson from the company said.
It was still undisclosed who the victims were, whether they were employees or customers like Paramount+ subscribers. With more than four billion subscribers to its service, only having 100 victims in the breach can be seen as somewhat of a win.
Related: Comcast Confirms Hacker Breach That Affects 36 Million Xfinity Users
