Security and technology website Bleeping Computer reports that while investigating a 2019 cyber-attack on the company, Entercom also discovered that an unauthorized actor gained access to Radio.com user information for about three hours.
That unauthorized actor gained access to usernames and passwords, according to a Notice of Breach e-mail sent to Radio.com users last week (Friday, March 6). The company is strongly suggesting that Radio.com users change their username and password information.
Here’s what the e-mail says the company is doing to remedy the situation: “We have taken and continue to take steps to prevent this type of incident from happening in the future, including by implementing password rotations, enabling multifactor authentication and stronger password policies for all cloud services, enhancing and broadening auditing based on best practices advised by third party experts, configuring alerts for certain behaviors using the relevant platforms, and providing additional training to staff on data security. We are also notifying regulatory authorities, as required.”
well, luckily listening on Radio.com is not exactly robust.
There is absolutely NO EXCUSE for this to happen to any corporate entity in today’s age of KNOWN cyber threat/attack/hack environment! They shouldn’t wait until the train has left the station to “We have taken and continue to take steps to prevent this type of incident from happening in the future, including by implementing password rotations, enabling multifactor authentication and stronger password policies for all cloud services, enhancing and broadening auditing based on best practices advised by third party experts, configuring alerts for certain behaviors using the relevant platforms, and providing additional training to staff on data security. We are also notifying regulatory authorities, as required.”
Comments are closed.