The Epoch Times, an international far-right media outlet, suffered a significant data breach in which a database containing 32 million records was allegedly stolen and leaked online. The exposed data included full names, usernames, phone numbers, email addresses, billing addresses, device details, locations, invoices, and credit card information, although no card numbers were found in the sampled files. Even without confirmed card numbers in the leaked sample, the remaining details (personal identifiers, financial transaction records, and subscriber data) pose severe risks: malicious actors could exploit them for phishing, identity theft, targeted scams, or further cyberattacks against subscribers. The attackers provided an email address for potential ransom negotiations but did not publicly state demands. The breach underscores critical vulnerabilities in the company's data security, exposing sensitive customer information without immediate evidence of ransomware involvement.
Source: https://www.scworld.com/brief/the-epoch-times-purportedly-hacked-32m-records-exposed
TPRM report: https://www.rankiteo.com/company/the-epoch-times
"id": "the3063030111725",
"linkid": "the-epoch-times",
"type": "Breach",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '32 million subscribers',
                        'industry': 'News/Publishing',
                        'location': 'International (Headquartered in New York, '
                                    'USA)',
                        'name': 'The Epoch Times',
                        'type': 'Media Organization'}],
 'data_breach': {'data_exfiltration': 'Yes (leaked online)',
                 'file_types_exposed': ['.txt'],
                 'number_of_records_exposed': '32 million',
                 'personally_identifiable_information': 'Yes (full names, '
                                                        'usernames, phone '
                                                        'numbers, emails, '
                                                        'billing addresses, '
                                                        'locations)',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Identifiable '
                                              'Information (PII)',
                                              'Financial Data (claimed)',
                                              'Subscriber Metadata']},
 'description': 'International far-right media outlet The Epoch Times was '
                'reported by SafetyDetectives cybersecurity experts to have a '
                'database of 32 million records allegedly stolen from its '
                'systems leaked online. The exposed data included full names, '
                'usernames, phone numbers, credit card numbers (though not '
                'found in the sampled files), card expiration dates, invoices, '
                'emails, billing addresses, devices, and locations belonging '
                'to subscribers. While no credit card information was found in '
                'the sampled .txt files, the exposed data remains highly '
                'sensitive and could be exploited by malicious actors for '
                'targeted attacks. Attackers provided an email address for '
                'negotiation but did not specify demands.',
 'impact': {'brand_reputation_impact': 'High (potential reputational damage '
                                       'due to exposure of 32 million '
                                       'subscriber records)',
            'data_compromised': ['Full names',
                                 'Usernames',
                                 'Phone numbers',
                                 'Credit card numbers (claimed but not '
                                 'verified in sample)',
                                 'Card expiration dates',
                                 'Invoices',
                                 'Emails',
                                 'Billing addresses',
                                 'Devices',
                                 'Locations'],
            'identity_theft_risk': 'High (sensitive personal data exposed)',
            'payment_information_risk': 'Moderate (credit card details claimed '
                                        'but not confirmed in sample)'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes (leaked online; email '
                                                    'provided for negotiation)',
                           'high_value_targets': 'Subscriber database'},
 'investigation_status': 'Ongoing (reported by third-party cybersecurity '
                         'experts)',
 'ransomware': {'data_exfiltration': 'Yes (leaked, not encrypted)'},
 'references': [{'source': 'Cybernews'}, {'source': 'SafetyDetectives'}],
 'response': {'third_party_assistance': 'SafetyDetectives (investigation)'},
 'title': 'Data Breach at The Epoch Times Exposes 32 Million Subscriber '
          'Records',
 'type': 'Data Breach'}