Time Warner
September 4, 2017 by

Time Warner Data Breach Exposes Millions of Customer Records

Charter Communications admitted that it had discovered a data breach containing the personal details of roughly four million records after a leak of a password-less Amazon server.

First discovered on August 24 by security researchers, two Amazon S3 buckets were found and linked to global communications company BroadSoft, a frequent partner firm of service providers including AT&T and Time Warner Cable (TWC). As it transpired, the files totaled over 600GB in size and contained information about unique customers including duplicate information in a breach that exposed the data of some four million customers.

Leaked data included email addresses, user names, MAC addresses, device serial numbers and financial transaction information. There is no evidence to show that the leak exposed any Social Security numbers or credit card details.

Other databases also revealed customers’ billing addresses, phone numbers and other contact details for hundreds of thousands of TWC subscribers. Internal company records including SQL data dumps, internal emails and code with credentials to a number of external systems were also present in these servers.

Charter communications purchased Time Warner Cable 16 months ago before Charter renamed its product as “Spectrum.” Charter added that affected customers were Time Warner Cable customers who used the ‘My TWC” mobile app.

In releasing a statement, Charter stated:

A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the My TWC app became potentially visible by external sources. Upon discovery, the information was removed immediately by the vendor, and we are currently investigating this incident with them. There is no indication that any Charter systems were impacted.

Details of the breach, ultimately published by cybersecurity firm Kromtech on Friday, was delayed for BroadSoft to privately alert its clients.

Charter added:

We apologize for the frustration and anxiety this causes, and will communicate directly to customers if their information was involved in this incident.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

US Health Department Outlines Breach Notification Guidelines

The US Department of Health & Human Services (HHS) has clarified its requirements for entities...

Read more arrow_forward

Delta Airlines Admits to Data Breach of ‘Several Hundred Thousand' Customers

Major airline operator Delta has said that a cyberattack targeting a third-party contractor has...

Read more arrow_forward

Panera Bread Breach Could Affect Over 37 Million Customer Records

Popular bakery chain Panera Bread has been leaking millions of customer records in the for at least...

Read more arrow_forward