Cyber Security Threat Summary:
American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally identifiable information (PII). Paramount said in breach notification letters signed by Nickelodeon Animation Studio EVP Brian Keane sent to affected individuals that the attackers had access to its systems between May and June 2023. ‘Based on our investigation, the personal information may have included your name, date of birth, Social Security number or other government-issued identification number (such as driver's license number or passport number) and information related to your relationship with Paramount,’ the mass media giant told impacted people. After discovering the incident, the company took steps to secure impacted systems and started an investigation to establish the extent and scope of the breach. Paramount also hired a cybersecurity expert to help investigate the attack and is collaborating with law enforcement agents as part of an investigation. It said it's also upgrading security measures to ensure that similar incidents will not reoccur” (Bleeping Computer, 2023).

Security Officer Comments:
The company stated that less than 100 individuals were affected by the data breach. At the moment it is unclear if the affected individuals are employees or customers. Based on the investigation conducted, Paramount Global has no evidence to suggest that the information accessed has been misused. However, given that personally identifiable information was exposed, threat actors could use this data to conduct identity theft, social engineering, and targeted phishing attacks.

Suggested Correction(s):
Impacted users should be on the lookout for phishing emails requesting sensitive data and should closely monitor their financial accounts for suspicious activity. Paramount is also offering impacted users a free credit report which can be used for monitoring purposes.

Link(s):
https://www.bleepingcomputer.com/