A data breach involving Vice Media leaked the sensitive information and financial data of more than 1,700 people, according to filings with Maine’s Attorney General.
The media company hired a cybersecurity firm to investigate the incident and found that hackers managed to break into an internal Vice e-mail account. The company said that the effort to figure out what personal information was involved and find up-to-date addresses for all victims lasted until January 25, 2023.
The company did not respond to requests for comment about why it took nearly a year to complete this process.
In the January 26 filing, Vice Media said Social Security numbers were involved in the breach – which affected 1,724 people.
In a second filing five days later, the company said the breach also involved financial account numbers, credit and debit card numbers as well as security codes, access codes, passwords and PINs for accounts.
The letters do not say if any other information was leaked during the incident. It is unclear whether the letters reference different events or one cyberattack. The January 26 filing said the breach was discovered on April 4 but the January 31 filing said it was discovered on December 19.
Victims are being offered 12 months of credit and identity monitoring services as well as identity restoration services through Equifax. The plan includes $1 million in identity theft insurance.
The breach notification letters were sent to victims on Monday.
News outlets continue to be frequent targets for hackers due to the information they hold not only on subscribers but employees.
Radio Free Asia, several PBS stations, the Guardian, New York Post, The Wall Street Journal, Fast Company, Nikkei, Portugal’s Impresa, France’s M6, Cox Media Group, CBS-owned Entercom, and The Weather Channel have all faced cyberattacks over the last decade.