Nickelodeon investigates possible data breach

Fortunately, the data stolen in the breach doesn’t seem to be personally identifiable, or sensitive in that manner.

No sensitive data

Soon after that, the company (owned by Paramount), confirmed having suffered an attack but added that the data stolen was not sensitive in the manner that they belonged to employees, customers, or partners. In a statement given to the publication, the organization said the data was limited to production resources and other intellectual property. It was also “decades” old.

"The alleged leaked content appears related to production files only, not long-form content or employee or user data, and some of it appears to be decades old," Nickelodeon was cited as saying.

Nickelodeon is a TV channel that produces and plays children’s content, and other content suitable for younger/family audiences. 

The breach seems to have happened sometime in January this year, with Nickelodeon plugging the hole two months later. We don’t know who the threat actors are, or how they managed to access Nickelodeon’s endpoints. The files were apparently exfiltrated to a private Discord server, and subsequently shared elsewhere. We don’t know if any zero-days, or malware, were used in the attack. 

In its comment on the news, BleepingComputer states that if the leak doesn’t cause Nickelodeon any significant business damage, it will probably dodge the bullet, as the redistribution of copyright-protected intellectual property is illegal. However, so is sharing personally identifiable information, but that never stopped cybercriminals from engaging in data theft, identity theft, or wire fraud, anyway.

• These are the best malware removal tools right now

Via: BleepingComputer