Cyber Incident Victim: Omnicom Media Group

On or around February 15, 2021, Omnicom Media Group (OMG) publicly confirmed a cyber incident that caused disruptions to portions of its IT network. The company detected IT network disturbances in the days preceding the announcement, though the exact date of initial compromise remains unspecified in available reports. OMG characterized the event as a "cyber incident" but did not disclose technical details regarding attack vectors, malware variants, or threat actor attribution. The disruption primarily impacted OMG's agencies operating outside the United States, though the company maintained that domestic operations continued without significant interruption. In response to the incident, OMG engaged third-party cybersecurity experts to investigate the nature and scope of the network disruption. The organization publicly asserted confidence that no sensitive data was compromised during the breach, though no supporting evidence or audit methodology was provided to substantiate this claim.

OMG implemented immediate containment measures while maintaining business continuity across its global operations. The company reported making "significant progress" toward restoring full functionality to affected systems by the time of its public disclosure on February 15. No ransomware notes, data exfiltration evidence, or extortion demands were referenced in available reporting. The incident response focused on system restoration rather than forensic analysis in public communications. Marketing-Interactive attempted to obtain additional details from OMG, but no supplemental information was released beyond the initial statement. Business operations continued throughout the remediation process with acknowledged interruptions limited to non-US agency functions. The company did not disclose whether the incident triggered regulatory notifications or client advisories under data protection laws.