The Screen Actors Guild - American Federation of Television and Radio Artists (SAG-AFTRA), representing more than 160,000 talented people, from actors to editors, journalists, DJs, and other artistic professionals, issued a warning last week after a payroll processor reported a data breach.
According to SAG-AFTRA, the payroll firm American Residuals and Talent, Inc (ART Payroll) reported the breach earlier this week, which could impact some of their clients. In a letter to the California Attorney General, ART Payroll said that the breach started after someone compromised a Web application.
The incident happened on October 18 of this year, and the attackers had access to the database for about two hours. It isn't clear what information, if any, was accessed, but the assumption is that everything was.
In a letter to clients, ART Payroll explains:
"We launched an investigation and retained outside forensic experts to confirm whether employee information may have been accessed. On November 10, 2014, our experts determined that your information may have been accessed by the intruders. While our investigation is ongoing, it is possible that none of your information was accessed or taken. We are unaware of any actual or attempted misuse of your information, but we are providing notice of this incident to you out of an abundance of caution."
According to the letter, the attacker might have been able to access names, addresses, birthdays, email addresses, telephone numbers, Social Security Numbers, banking information, ART Payroll account numbers, as well as account usernames and passwords.
Anyone impacted by the incident has until April 30, 2015 to enroll in Experian's ProtectMyID Alert program, offered at no cost. Details on how to do so were included in letters that were mailed out earlier this week.
The ART Payroll breach is just the latest security issue impacting Hollywood.
For the last two weeks, the news cycle has been dominated by the security problems at Sony Pictures, which is struggling to recover from a disastrous data breach.