Paramount Parent Company, National Amusements, Announces Data Breach a Year Later
Table of Contents
- By Steven
- Dec 29, 2023
National Amusements (NA) is in Norwood, Massachusetts. They are the majority shareholder for media sources, including CBS, Viacom, and Paramount. They operate thousands of movie theaters nationwide, including Showcase SuperLux, Cinema de Lux, Showcase Cinemas, and Multiplex Cinemas. NA’s widespread ties to the entertainment and news cycles may have made it a target. In December 2022, NA suffered a network breach; its report is one of the last to appear in the final days of 2023.
How Did the Attack Occur?
The public information about the event comes from the Maine Attorney General’s breach filing and the associated notice sample. According to the sources above, NA’s cyber event involved an external system breach where an unauthorized party accessed their network. Once inside, the cybercriminal purportedly viewed or copied files containing data. The breach filing does not say how the assailant made the attack possible, but speculations exist. For example, the Maine filing comes from NA’s Senior Vice President of HR; this suggests the event may have resulted from an employee error, misconfiguration, or even successful phishing attack.
What Information Was Viewed or Stolen?
There are fewer public details concerning the type of data stolen in this event. The notice is a sample and, as a result, does not reflect the complete scope of the exposures. Instead, it only lists a name and an extra element. However, according to the breach filing, the assailants may have accessed financial account numbers, credit and debit card numbers, and their confirming details like security code, access code, password, or PIN. In typical cyber events, more information would likely appear following investigations; however, because the breach happened over a year ago, it is unlikely for the public to learn more details.
How Did National Amusements Admit to the Breach?
According to the published resources, the breach happened from December 13th, 2022, to December 15th. On this day, NA officials discovered suspicious activity within their network and moved to contain the threat. They presumably opened investigations after this and worked with cyber experts to analyze the scope of impact. These internal investigations concluded around August 23rd, 2023 (although this is not in the notice). The next notable date isn’t until December 22nd, 2023—when officials began sending notices to those impacted.
What Will Become of the Stolen Information?
The data stolen in this event is personal but most significantly impacts the victims’ financial accounts. In combination with a name, cybercriminals can use the account and card information in many ways. Apart from fraudulent or thieving activities draining the victim’s accounts, they could use accounts for wire or transfer fraud or sell the information on the dark web, loosing it to anyone with enough cash.
What Should Affected Parties Do in the Aftermath of the Breach?
Had NA’s response plan been faster or conducted differently, the victims of this breach may have been better prepared. By NA’s response taking over a year, the victims of this event must now respond retroactively rather than proactively. In most cases, the easiest way to protect their accounts is by getting new ones. New financial accounts, cards, activation passwords, and associated securities are all reasonably straightforward processes. Some victims may find that their accounts are intertwined with others, making the process of a new account challenging; in these situations, we suggest financial monitoring services—even if you can’t get a new account, you can still protect yourself and your data.