
Lawsuit Claims Some Employees Were Not Notified of Stolen Sensitive Data
Paxton Media Group (PMG) is being sued in federal court after a data breach. The lawsuit claims that Paxton waited over three months to inform employees that their data had been compromised in the attack.
PMG owns over 100 news outlets nationwide.
Hackers attacked Paxton between February 26 and March 20, 2021. The attackers exfiltrated current and former employee data including Social Security numbers, bank account and routing numbers, credit card numbers, and other assorted sensitive data.
Paxton notified some employees on around June 24, 2021, but some employees still have not been notified.
According to Jason Riley, a criminal justice journalist for WDRB in Louisville, Kentucky, the lawsuit claims that “some of the private information was sold on the “dark web.”
The dark web is a network of websites that is not publicly available using traditional web browsers like Chrome, Firefox, or Safari. Sometimes dark web marketplaces are publicly accessible but stolen goods are hidden unless you know where to look. Payments are made using cryptocurrencies. Dark web marketplaces may also sell illegal drugs, weapons, and malware.
What to Do When Your Data is Stolen?
If you are informed or suspect that your personal data has been hacked or that a password has been compromised, you should change passwords immediately.
Identify what information has been hacked and inform the relevant organizations. For example, if your bank account was hacked you will need to inform your bank and freeze any lines of credit.
if your credit card was compromised then call the issuing bank immediately and have them issue a new card with new numbers.