Paramount Admits Data Breach After Cyberattack

Paramount Global, a leading entertainment conglomerate, has confirmed a data breach after its systems were compromised in a cyberattack between May and June 2023. The breach led to unauthorized access to personally identifiable information (PII), though the company has stated that fewer than 100 individuals were affected by it.

The company reached out to victims on August 11th, detailing the breach and the measures taken in response. According to the notification letter, the compromised data included names, birthdates, Social Security numbers, driver's license numbers, passport numbers, and "information related to [the individual's] relationship with Paramount." BleepingComputer reported that the breach was not related to ransomware or the MOVEit data theft attacks.

Paramount has taken measures to protect its systems but has not provided further details regarding the breach amid an ongoing investigation. Speaking to Recorded Future News, a spokesperson for Paramount Global said that the incident was investigated and “ we learned that an unauthorized party accessed certain files from our systems. Upon discovery of the unauthorized activity, we took swift action to identify and address the incident”.

Following their initial investigation, Paramount adhered to the data breach protocol by engaging with a third-party cybersecurity specialist for a thorough analysis, informed law enforcement, and began enhancing security measures to prevent similar future breaches. Furthermore, the company offered victims two years of free identity protection and credit monitoring services.

Just last month, Paramount-owned Nickelodeon also reported a potential breach, which led to the leak of 500GB worth of stolen documents and media files. Moreover, Dark Reading added that alongside Paramount, fashion retailer Forever 21 also reported a data breach incident, exposing the personal information of more than 500,000 customers.