Paramount confirmed data breach attack from a security incident

Paramount, one of Hollywood’s most prominent entertainment companies, revealed that it suffered a data breach incident after unauthorised individuals hacked their systems and acquired access to personally identifiable information (PII).

The entertainment giant stated that they have rolled out breach notification letters among affected individuals. The letters contained details about the hack and the hackers establishing access to its systems from May to June.

 

Paramount revealed that impacted people’s personal information could have landed in the hackers’ possession.

 

Investigations show that the hackers could have accessed the affected individual’s personal information in the breach. The confirmed potential details acquired in the hack are names, dates of birth, Social Security numbers, and other government-issued identification numbers, such as passport numbers and driver’s license names.

After confirming the attack, the company immediately started security measures on the impacted systems. In addition, it launched an investigation to discover the attack’s scope and nature.

Paramount contacted a third-party security team to help them with their investigation and notified law enforcement agencies about the incident. The firm stated that it is currently applying security upgrades to avoid a similar incident in the future.

The company’s security team confirmed the attack and admitted that the infiltrators obtained unauthorised access. As of now, the initial investigation claimed that the attack acquired the personal information of less than 100 people. These people have received notification letters about the cyberattack.

Paramount has yet to reveal the set of individuals impacted by the incident. Researchers believe these 100 people could come from any company branch, like employees or customers. These customers are subscribers of the company’s streaming platform called Paramount+.

Separate research also confirmed that this campaign is not the product of Cl0p’s widespread MOVEit data theft campaigns. Therefore, the nature of the attack is less likely to be ransomware.

Paramount, one of the leading streaming companies in the United States, has a reputation for providing quality content in television and movies. These attacks indicate that threat actors are fearless in targeting such entities as long as they are profitable.

Experts suggest that users receiving breach notification letters should be vigilant of unsolicited communications since the threat actors could execute targeted phishing campaigns using the stolen PII.