Radio Free Asia breach impacts nearly 4K individuals

At least 3,779 individuals had their personal data compromised in a cyberattack against U.S. government-funded news service Radio Free Asia in June, reports The Record, a news site by cybersecurity firm Recorded Future. RFA disclosed that its email system had been compromised on June 17, with attackers exploiting a service provider's vulnerability, which was not known by the news service at the time, to obtain access to a limited number of servers housing personal information, including addresses, driver's license numbers, Social Security numbers, passport numbers, health insurance data, medical details, and "limited financial information." Several measures have already been conducted to address the incident, including taking systems offline, but RFA noted that there has been no evidence suggesting any misuse of the compromised data. RFA has also not received any communication from the attackers, according to RFA spokesperson Rohit Mahajan. The attack on RFA follows a recent string of cyberattacks targeted at news organizations, including Fast Company, The Wall Street Journal, New York Post, and Nikkei.