Charter Communications Data Breach Could Impact Nearly 5 Million

Charter Communications Data Breach Could Impact Nearly 5 Million

Briefly

"ShinyHunters is known for engaging in voice phishing attacks to gain access to victim organizations' networks and rapidly exfiltrate data that it then threatens to leak online unless a ransom is paid. The group lists its victims on a Tor-based leak site, and the data it claims to have been stolen from Charter was made available for download on that portal on Thursday, which suggests that the company did not pay a ransom to prevent its publication."

"According to ShinyHunters' post, the stolen data includes over 42 million customer records, along with customer proprietary network information (CPNI). The number of potentially affected individuals, however, appears to be only 4.9 million, data breach notification website HaveIBeenPwned says. Its analysis of the data revealed 4.9 million unique email addresses, along with names, addresses, and phone numbers."

"The data contains 85,000 records associated with employee accounts, each of which includes a job title. Over the past year, ShinyHunters has claimed numerous high-profile data breaches, mainly involving Salesforce customers. Some of these include Canvas, CarGurus, Carnival, Panera Bread, 7-Eleven, and Grafana."

""We are aware of the situation, following our security protocols, and are working with appropriate authorities. Only sales tools used to manage current, past, and prospective business customers were impacted; no CPNI or sensitive PI was released by the threat actor," a Charter spokesperson said, responding to a SecurityWeek inquiry."