Detroit PBS notifies 1,700 of data breach that compromised SSNs, passwords, financial and medical info

Detroit PBS over the weekend confirmed it notified 1,694 people about an August 2024 data breach that compromised the following private info:

• Names
• Social Security numbers
• Passwords and usernames
• Medical info
• Health insurance info
• Addresses
• Employer ID numbers
• Driver’s license numbers

The public broadcaster says unauthorized users accessed its systems between August 12 and August 31, 2024. Ransomware gang Qilin claimed responsibility for the breach on September 23, 2024, saying it stole 573 GB of data.

Detroit PBS has not verified Qilin’s claim. We do not yet know if Detroit PBS paid a ransom, how much Qilin demanded, or how attackers breached Detroit PBS systems. Comparitech contacted Detroit PBS and will update this article if it replies.

“On September 1, 2024, Detroit PBS detected suspicious activity related to certain systems within its environment,” says the broadcaster in its notice to victims. “Detroit PBS launched an investigation and determined that certain systems had been infected with malware, which prevented access to certain files. The investigation determined that an unauthorized actor exfiltrated information from the Detroit PBS environment.”

Detroit PBS is offering eligible victims 12 months of free credit monitoring via Experian. The deadline to enroll is May 30, 2025.

Who is Qilin?

Qilin, also known as Agenda, is a Russia-based hacking group that mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms.

Since it began posting targets to its leak site in 2022, Qilin claimed responsibility for 46 confirmed ransomware attacks, compromising 1.5 million records.

Qilin’s other recently confirmed targets include the city of West Haven, CT; the German Bishop’s Conference; and the Palau Ministry of Health and Human Services.

Qilin claimed another 52 unconfirmed attacks so far in 2025 that haven’t been acknowledged by the targeted organizations. So far, Qilin’s activity in 2025 looks to be in the rise from last year.

Ransomware attacks in the USA

Ransomware attacks can both steal data and lock down computer systems. Organizations must either pay a ransom or face extended downtime, data loss, and putting customers at risk of fraud.

Comparitech researchers logged 688 confirmed ransomware attacks on US organizations in 2024, and 17 so far in 2025.

In another recent attack, Lee Enterprises confirmed a ransomware attack this month that caused over a week of downtime for many of its publications.

About Detroit PBS

Detroit Public Broadcasting, also known as WTVS, Channel 56, and Detroit PBS, is a community-licensed TV station owned by Detroit Public Media.