Telecom giant Frontier shuts down some systems after cyberattack

Texas-based telecommunications company Frontier Communications reported a cyberattack to the Securities and Exchange Commission on Thursday.

The company provides internet services in more than 25 states and reported $5.75 billion revenues in 2023. 

The company said it detected unauthorized access to its IT systems on April 14 and began instituting “containment measures” that included “shutting down certain of the Company’s systems.” The shutdowns caused operational disruption that the company said “could be considered material.”

“Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information,” the company said in the SEC filing.  

“As of the date of this filing, the Company believes it has contained the incident and has restored its core information technology environment and is in the process of restoring normal business operations.”

Investigations into the incident are ongoing and they have hired cybersecurity experts to help with the incident. Law enforcement agencies have been notified. 

Despite saying that the shutdowns could be considered material, Frontier later wrote that it “does not believe the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.”

The company did not respond to requests for comment about this discrepancy. 

On its website, Frontier says it is experiencing technical issues with its internal support systems and provided a phone number for those in need of assistance. 

No hacking group has taken credit for the incident as of Thursday afternoon. Dozens of telecommunications companies have been targeted in recent months as both cybercriminals and nation-states increase the tempo of attacks on consumer data-rich companies. 

Just last week, another telecommunication giant — AT&T — reported that more than 51 million people were affected by a recently-disclosed data breach that included troves of customer information including Social Security numbers, AT&T account numbers and AT&T passcodes.

The Federal Communications Commission updated its data breach rules for the first time in 16 years in December, expanding regulations on how telecommunication companies report cybersecurity incidents.

FCC Chairwoman Jessica Rosenworcel argued that the rules the agency created more than 15 years ago are no longer compatible with a modern world where telecommunication carriers have access to a “treasure trove of data about who we are, where we have traveled, and who we have talked to.”