"On Sunday night, a cybercrime crew called Crimson Collective said in its Telegram channel that it had, "in our hands," more than one million residential users' details including: customer/account master records containing names, emails, phone numbers, billing and service addresses; session and user IDs; payment history and methods linked to accounts including the last four digits of customers' credit cards; order records and other information."
"A day later, the crims published samples of the allegedly stolen files on the same channel. While they wouldn't say how they gained access to the broadband provider's systems, a Crimson Collective spokesperson told The Register that it was a "sophisticated attack" that also allowed them to "disconnect every user from their mobile service." We can't verify this claim, so take it for what it is."
Brightspeed confirmed an investigation into claims that criminals stole more than one million customers' records and listed the dataset for three bitcoin (about $276,370). A company spokesperson said Brightspeed is investigating reports of a cybersecurity event and emphasized efforts to secure networks and monitor threats. The group Crimson Collective claimed to possess account master records, names, emails, phone numbers, billing and service addresses, session and user IDs, payment history and methods including last four credit-card digits, and order records. The group published sample files, claimed a sophisticated attack and mobile-service disconnection capability, and set a sale price; the claims remain unverified.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]