ShinyHunters publishes Charter Communications data after failed extortion - up to 5 million customer records now leaked, not just claimed
The ShinyHunters extortion group has now published the Charter Communications data it stole, after the telecom giant apparently refused to pay. Earlier reporting put the breach at 4.9 million HIBP-confirmed unique accounts; ShinyHunters' leak is described as potentially impacting up to 5 million customers. Charter is one of the largest US telecoms, providing internet, cable, mobile, and phone services to residential and business customers under the Spectrum brand. The data was originally exfiltrated via voice-phishing of a Microsoft Entra account on April 1 and a Salesforce export. With the data now public rather than merely claimed, the phishing and identity-theft risk to affected customers rises sharply.
- Check
- If you are a Charter/Spectrum customer or vendor, treat the leaked dataset as public now. Watch for Spectrum-themed phishing and account-recovery fraud over the next 60-90 days.
- Affected
- Up to 5 million Charter/Spectrum customers whose records are now publicly leaked, not just claimed. Names, contact details, and plan information enable targeted phishing and impersonation.
- Fix
- Affected individuals: rotate Spectrum credentials, enable MFA, scrutinize unsolicited Charter contacts. Organizations: refresh breach-monitoring watchlists and brief help desks against Charter-themed social engineering.