iHeartMedia, the largest radio station owner in the United States, experienced a data breach in December 2024 that exposed sensitive personal information, including Social Security and passport numbers, according to Cybernews.
The breach occurred between December 24 and 27 and affected files that had been stored on systems at a limited number of local stations. The company detected the incident in December, resolved the breach within a week, and concluded its investigation by April 11, 2025. Notifications to impacted individuals began on April 30. While iHeartMedia has not disclosed the total number of affected individuals, it confirmed that residents of Maine, Rhode Island, Maryland, New York, North Carolina, and New Mexico were among those impacted. All compromised files included names, with some also containing financial and government-issued identification details. The company stated that it promptly enacted its response protocols, contained the intrusion, and involved a third-party cybersecurity firm and law enforcement. To mitigate risk, iHeartMedia announced that it is offering one year of credit monitoring and identity theft protection to affected individuals and has implemented enhanced security measures following the breach.
The breach occurred between December 24 and 27 and affected files that had been stored on systems at a limited number of local stations. The company detected the incident in December, resolved the breach within a week, and concluded its investigation by April 11, 2025. Notifications to impacted individuals began on April 30. While iHeartMedia has not disclosed the total number of affected individuals, it confirmed that residents of Maine, Rhode Island, Maryland, New York, North Carolina, and New Mexico were among those impacted. All compromised files included names, with some also containing financial and government-issued identification details. The company stated that it promptly enacted its response protocols, contained the intrusion, and involved a third-party cybersecurity firm and law enforcement. To mitigate risk, iHeartMedia announced that it is offering one year of credit monitoring and identity theft protection to affected individuals and has implemented enhanced security measures following the breach.
