Photo Credit: iHeartMedia
The complaint filed on behalf of Tennessee resident Cheryl Shields and affected individuals, revolves around the significant delay in notifying those who were impacted by the data breach in December. iHeartMedia did not complete its investigation into the data breach until April 11, 2025 and then only began the notification process on April 30—over four months after the breach occurred.
“As a result of this delayed response, the plaintiff had no idea for four months that their private information had been compromised,” the lawsuit reads. “The risk [from this data breach] will remain for their respective lifetimes.”
Shield’s legal team argues that iHeartMedia’s security protocols were insufficient for a company of its scale and responsibility. “Had iHeart properly monitored its networks, it would have discovered the breach sooner,” the lawsuit asserts. Her lawyers argue that the stolen data represents a “treasure trove for data thieves.”
iHeartMedia says it quickly activated response protocols once the data breach was discovered. Since the investigation, the company says it has “enhanced its current security protocols to help avert similar occurrences in the future.” As a result of the data breach, iHeartMedia has offered all impacted customers complimentary credit monitoring service.
Data breaches can often lead to class action litigation like this—take the Equifax case in 2017. That class action lawsuit resulted in a $425 million settlement after the personal information of more than 150 million Americans was exposed.
The iHeartMedia data breach was much smaller—but the full national scope has not yet been disclosed. Attackers accessed and obtained files stored at several of the company’s local radio stations over the course of a three-day period (December 24-27), exploiting the holidays and reduced staffing during this time period.
Share on:
1:25-cv-03801
You must be logged in to post a comment.
iHeartMedia Faces Class Action Lawsuit After Major Data Breach – Digital Music News
