iHeartMedia Cyberattack Exposes Sensitive Data Across Multiple Radio Stations

iHeartMedia, the largest audio media company in the United States, has confirmed a significant data breach following a cyberattack on several of its local radio stations. In official breach notifications sent to affected individuals and state attorney general offices in Maine, Massachusetts, and California, the company disclosed that cybercriminals accessed sensitive customer information between December 24 and December 27, 2024. Although iHeartMedia did not specify how many individuals were affected, the breach appears to have involved data stored on systems at a “small number” of stations. 

The exact number of compromised stations remains undisclosed. With a network of 870 radio stations and a reported monthly audience of 250 million listeners, the potential scope of this breach is concerning.

According to the breach notification letters, the attackers “viewed and obtained” various types of personal information. The compromised data includes full names, passport numbers, other government-issued identification numbers, dates of birth, financial account information, payment card data, and even health and health insurance records. 

Such a comprehensive data set makes the victims vulnerable to a wide array of cybercrimes, from identity theft to financial fraud.

The combination of personal identifiers and health or insurance details increases the likelihood of victims being targeted by tailored phishing campaigns. With access to passport numbers and financial records, cybercriminals can attempt identity theft or engag

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.