US media conglomerate Urban One this week confirmed it notified hundreds of people about a February 2025 data breach that compromised names, Social Security numbers, direct deposit info, W-2 information, and home addresses.
Ransomware gang Cactus claimed responsibility for the breach on March 12, 2025, saying it stole 2.5 TB of data from Urban One. To prove its claim, Cactus posted a sample of what it says are stolen documents on its data leak site. The “proof pack” includes a passport, contracts, and company income statement.
Urban One hasn’t disclosed the total number of people it notified about the breach, but disclosures submitted to the attorneys general of Texas and Massachusetts show Urban One notified 355 and two people in those states, respectively.
Urban One has not verified Cactus’ claim. We do not know whether Urban One paid a ransom, how much Cactus demanded in ransom, or how attackers breached the company’s network. Comparitech contacted Urban One for comment and will update this article if it replies, or if more states reveal breach figures.
Urban One says it discovered the breach on March 13, 2025, one day after Cactus claimed responsibility. The company says the compromised personal data belonged to employees.
“Beginning on February 13, 2025, an unauthorized third party gained access to our network through a sophisticated social engineering campaign, which led to the unauthorized exfiltration of company data, including employee personal information,” says Urban One’s notice (PDF) to victims.
Urban One is offering eligible victims two years of free credit monitoring through Experian. The deadline to enroll is July 31, 2025.
Who is Cactus?
Cactus is a ransomware gang that began claiming responsibility for cyber attacks in April 2023. Its double-extortion scheme involves both stealing data and locking down target systems, then demanding ransom both to unlock systems and to delete stolen data.
Cactus has claimed 46 confirmed ransomware attacks since it started posting targets to its data leak site, plus 191 unconfirmed claims that haven’t been acknowledged by the targeted organizations.
Other recently confirmed claims made by Cactus include:
- Kinsey’s Archery Products notified 1,330 people of a January 2025 data breach
- Athena Cosmetics notified 422 people of a January 2025 data breach
- Tempel steel Company was attacked by Cactus in February 2025
- Assa Abloy (Sweden) was hit by Cactus in March 2025
Ransomware attacks in the USA
Ransomware attacks can both lock down computer systems and steal data. Organizations are then forced to either pay a ransom or face extended downtime, data loss, and putting data subjects at increased risk of fraud.
Comparitech researchers logged 87 confirmed ransomware attacks in 2025 to date, compromising more than 640,000 records. The average ransom is $1.18 million.
Other recently confirmed ransomware attack on US organizations include:
- Baltimore City Public Schools suffered an attack in February 2025
- Horizon Behavioral Health notified patients of a March 2025 breach
- Arizona Federal Public Defender’s Office is suffering from an ongoing attack that delayed trials
About Urban One
Founded in Silver Spring, MD in 1980, Urban One is a media conglomerate that primarily targets African Americans. It operates more than 50 radio stations and two TV channels. Urban One is the largest black-owned broadcasting company in the US.
Source link
-
-
-
-
-
-
-
-
