Urban One, a Maryland-based media conglomerate serving the African American community through multiple TV channels, dozens of radio stations and news websites, disclosed a sophisticated social engineering–driven breach that began on February 13. Attackers infiltrated internal systems and exfiltrated sensitive employee data—including names, addresses, Social Security numbers, direct deposit information and W-2 forms—without disrupting ongoing operations. The company detected the intrusion on March 15; a forensic investigation completed by March 30 confirmed that hackers stole the records of 355 Texas residents. In breach filings submitted in Texas and Massachusetts, Urban One offered two years of credit monitoring services to affected individuals and notified law enforcement. The incident was claimed by the Cactus ransomware gang on March 12, one of several high-profile attacks it has carried out since its 2023 emergence, following incidents at Americold, Schneider Electric and public agencies. Urban One, which reported roughly $450 million in 2024 revenue and previously suffered a 2019 SSN theft, has not provided further comment, highlighting ongoing vulnerabilities to social engineering and data exfiltration threats.
Source: https://therecord.media/urban-one-data-breach-african-amercian-media
TPRM report: https://scoringcyber.rankiteo.com/company/urban-one-inc
"id": "urb000042925",
"linkid": "urban-one-inc",
"type": "Breach",
"date": "4/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': '355 Texas residents',
'industry': 'Media',
'location': 'Maryland',
'name': 'Urban One',
'type': 'Media Conglomerate'}],
'attack_vector': 'Social Engineering',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '355 Texas residents',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information',
'Financial Information']},
'date_detected': '2023-03-15',
'description': 'Urban One, a Maryland-based media conglomerate, experienced a '
'sophisticated social engineering–driven breach that began on '
'February 13. Attackers exfiltrated sensitive employee data '
'including names, addresses, Social Security numbers, direct '
'deposit information, and W-2 forms. The incident was detected '
'on March 15 and confirmed by March 30. The Cactus ransomware '
'gang claimed responsibility.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers',
'direct deposit information',
'W-2 forms'],
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Completed',
'motivation': 'Data Exfiltration',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Cactus'},
'regulatory_compliance': {'regulatory_notifications': 'Yes'},
'response': {'communication_strategy': 'Offered two years of credit '
'monitoring services to affected '
'individuals',
'law_enforcement_notified': 'Yes'},
'threat_actor': 'Cactus ransomware gang',
'title': 'Urban One Data Breach',
'type': 'Data Breach'}