Big Three label Warner Music Group (WMG) has suffered a major data breach and credit card hack.
Warner Music Group officials recently confirmed the unsettling development in a letter, which was promptly dispatched to those whose personal and financial information may have been compromised. The notice doesn’t specify exactly how many accounts were affected by the hack. Still, it acknowledges that the unauthorized (and presumably unidentified) third party or parties targeted “a number of e-commerce websites operated by Warner Music Group.”
After apologizing to the impacted customers and reiterating its commitment to protecting their sensitive data, WMG specifies that the breach was discovered on Wednesday, August 5th. The shocking case of digital theft may have encompassed “any personal information” entered into Warner Music’s webstores – including shoppers’ names, email addresses, street addresses, telephone numbers, and credit card particulars – between Saturday, April 25th and August 5th. Given that the sensitive info appears to have been lifted across a more than quarter-year-long stretch, one would assume that the high-profile crime affected a bevy of consumers.
From there, the letter notes that Warner Music “immediately launched a thorough forensic investigation…and promptly took steps to address and correct the issue” upon learning of the remote crime. WMG is also continuing to work with law enforcement, though it’s unclear at this time whether the probe has uncovered details that could lead to the culprit’s (or culprits’) arrest.
Warner Music higher-ups “strongly encourage” those who bought items via their websites during the aforementioned three-month window to “remain vigilant for any unauthorized use” on credit cards as well as questionable emails penned by persons claiming to be or represent WMG. (In the episode’s sole bright spot and source of relief for some dismayed music fans, the letter explicitly states that the hack didn’t reach payments processed via PayPal.)
Lastly, Warner has covered the cost of (and encouraged its buyers to utilize) identity-monitoring services from Kroll, a New York City-headquartered risk consulting and corporate investigations firm. Victims of the breach can apply for the complimentary 12-month protection (by Friday, December 11th, it bears mentioning) here, using the unique membership ID number disclosed in the letter.
During today’s trading hours, WMG stock parted with 2.2 percent of its value, dropping to $28.45 per share. At the time of this writing, however, after-hours trades had brought with them a 1.65 percent boost, elevating the stock’s worth to $28.92 per share.