On March 1, 2021, Atlantic Media, a minority shareholder and former corporate owner of The Atlantic, became aware that a serious issue was affecting its systems. Upon deeper investigation, it was discovered that an unauthorized actor had accessed its servers. Atlantic Media immediately engaged external forensics experts to lead an in-depth investigation into the situation and took measures to safeguard its systems as a team worked aggressively to restore the security and functionality of both systems and servers.
Based on several weeks of forensic investigation, which is now complete, we now know the following: The forensic investigation found no evidence that any subscribers’, customers’, or clients’ financial or sensitive information was involved.
Regrettably, however, as Atlantic Media today informed employees, the investigation determined that certain portions of the network file-share server were potentially briefly accessible to the unauthorized actors. The potentially accessible folders on that server included one containing W-2 forms, W-9 forms, and other tax documents that contain names and Social Security Numbers of certain current and former employees of Atlantic Media; its current and former subsidiaries and affiliates, including The Atlantic; and some specific independent contractors. It took several weeks into the investigation for evidence to be discovered that this type of information was potentially accessible, and additional time to confirm the scope of who was and was not affected. Atlantic Media does not have evidence of any fraudulent use or public disclosure of these data.