Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Cox Media Group Confirms Ransomware Attack That Took Down Broadcasts

Cox Media Group Confirms Ransomware Attack That Took Down Broadcasts

American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021.

The company acknowledged the attack in data breach notification letters sent today via U.S. Mail to over 800 impacted individuals believed to have had their personal information exposed in the attack. The group first informed potentially affected individuals of the incident via email on July 30.

“On June 3, 2021, CMG experienced a ransomware incident in which a small percentage of servers in its network were encrypted by a malicious threat actor,” the broadcasting company said.

“CMG discovered the incident on the same day, when CMG observed that certain files were encrypted and inaccessible.”

Also Read: A Look at the Risk Assessment Form Singapore Government Requires

Personal info exposed, but not stolen

Cox Media Group immediately took down systems offline after the attack was detected and reported the incident to the FBI after starting an investigation with the help of external cybersecurity experts.

The media company found proof that the attackers harvested personal info stored on the breached systems. While they also tried to exfiltrate this data outside of CMG’s network, there is no evidence that they were successful in their attempt.

CMG found no evidence of identity theft, fraud, or financial losses impacting potentially affected individuals stemming from this incident since the June ransomware attack.

Personal information exposed during the attack includes names, addresses, Social Security numbers, financial account numbers, health insurance information, health insurance policy numbers, medical condition information, medical diagnosis information, and online user credentials, stored for human resource management purposes.

Ransom demand ignored

“CMG did not pay a ransom or provide any funds to the threat actor as a result of this incident. There has been no observed malicious activity in CMG’s environment since June 3, 2021,” CMG added.

The company has also taken several steps to improve its systems’ security since the incident to detect and block avoid further breach attempts.

“These steps include multi-factor authentication protocols, performing an enterprise-wide password reset, deploying additional endpoint detection software, reimaging all end user devices, and rebuilding clean networks,” CMG explained.

Also Read: CCTV Law Singapore Edition: Know Your Rights and Responsibilities

CMG is a broadcasting, publishing, and digital media services company created by merging Cox Newspapers, Cox Radio, and Cox Television in 2008.

Its operations include 33 television stations (including primary affiliates of ABC, CBS, FOX, NBC, and MyNetworkTV), 65 radio stations, as well as more than 100 news outlets.

Cox Media Group has not yet returned a request for comment made by BleepingComputer in June, right after the attack.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us