Charter Communications says vendor breach exposed some customer data
Telecommunications company Charter Communications said one of its third-party vendors suffered from a security breach after data from the company showed up on a hacking forum.
On Thursday, a forum user posted information allegedly stolen from the company that included names, account numbers, addresses and more for about 550,000 customers.
“We are aware of the post and following our security protocol in response. The initial evidence suggests that one of our third-party vendors had a security breach,” a spokesperson said. “At this time, we do not believe that any customer proprietary network information or customer financial data was included.”
The spokesperson did not respond to follow-up questions about what third-party vendor was hacked, when the hack occurred or when affected customers will be notified.
Charter Communications is the second largest cable operator in the U.S. and fifth largest telephone provider – with more than 32 million customers in 41 states. On Friday, it reported nearly $14 billion in revenue for the last quarter of 2022.
The hacker post says the database includes a range of information on repairs and sales.
IntelBroker has added the database of Charter Communications (https://t.co/m9djfZPZl0) to the hacker's forum, claiming that it contains 550K user records including AcctountNumber, UniqueID, address, and so on.#USA #darkweb #deepweb #databreach #cyberrisk pic.twitter.com/LIYZti0T2q— FalconFeedsio (@FalconFeedsio) January 27, 2023
The breach comes just two weeks after the Federal Communications Commission voted unanimously to investigate potential changes to the breach notification rules for telecommunications companies.
FCC Chairwoman Jessica Rosenworcel said the rules the agency created more than 15 years ago are no longer compatible with a modern world where telecommunication carriers have access to a “treasure trove of data about who we are, where we have traveled, and who we have talked to.”
In a 40-page proposal document, the FCC explained that there have been multiple breaches affecting the country’s largest telecommunications companies: Verizon, T-Mobile and AT&T.
“The law requires carriers to protect sensitive consumer information but, given the increase in frequency, sophistication, and scale of data leaks, we must update our rules to protect consumers and strengthen reporting requirements,” Rosenworcel said.
“This new proceeding will take a much-needed, fresh look at our data breach reporting rules to better protect consumers, increase security, and reduce the impact of future breaches.”
Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.