MediaWorks, a prominent media company, has confirmed a cyberattack in a recent update. The MediaWorks cyberattack came to light on the evening of March 14 when the threat claimed the attack on a dark web forum.
The company responded by shifting all current competition entries to a new secure database after claims surfaced regarding a breach affecting data from website competition entries.
In a statement titled “An update regarding MediaWorks’ cyber security incident,” the company emphasized its commitment to data security and assured stakeholders that its technology team, in collaboration with external experts, was actively investigating the cyberattack on MediaWorks.
The company expressed regret for any inconvenience caused and pledged to share more information as it became available.
Decoding the MediaWorks Cyberattack
OneERA, a threat actor operating on the dark web, asserted responsibility for the MediaWorks cyberattack. The breach reportedly resulted in the unauthorized access of a significant 2,461,180 records purportedly containing personally identifiable information (PII) of individuals in New Zealand.
The compromised data, as claimed by OneERA, encompassed sensitive particulars, including full names, addresses, mobile numbers, email addresses, dates of birth, and additional details.
In a dark web post laying claim to the MediaWorks cyberattack, the perpetrator stated, “Guys, we have stolen 2,461,180 New Zealand citizens’ data from mediaworks.co.nz. We plan to sell this data, so please contact us as soon as possible if you’re interested. The data we successfully stole include: [Citizens’ names, home addresses, mobile numbers, email addresses, dates of birth, home phone numbers, user postal codes, user genders, Userlds]”.
Despite this alarming revelation, MediaWorks officials have remained silent on the matter in their public statements, neither confirming nor denying the hacker’s claims.
Moreover, on the BreachForums, OneERA publicly advertised the sale of the pilfered PII data, alongside supplementary private materials like survey responses, videos, music content, and electoral information. Dated March 14, 2024, the post delineated the scope of the MediaWorks data breach and urged prospective purchasers to initiate private communication for further details.
The Aftermath of the Cyberattack on MediaWorks
The aftermath of the cyberattack saw hackers connected to the breach resorting to blackmail tactics. Victims were threatened with the public release of their private information unless they complied with the hackers’ demands. According to reports from Newshub, individuals affected by the breach received emails from the hackers, indicating that their data had been compromised.
The hackers, dissatisfied with MediaWorks’ response to their initial negotiation attempts, demanded a ransom of US$500 (approximately NZ$820) in Bitcoin to prevent the public disclosure of the data. They warned recipients that time was of the essence, emphasizing the urgency of the situation.
In response to these developments, MediaWorks acknowledged the direct approaches made by the hackers to individuals affected by the breach. The company urged anyone with concerns to reach out to its privacy office at [email protected] for assistance.
This is an ongoing story and The Cyber Express will be closely monitoring the situation and has reached out to MediaWorks to learn more about this data breach and the numbers asserted by the threat actors. TCE will update this post once more information is received on the MediaWorks cyberattack or any further notices from the organization.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
