The notorious cybercriminal syndicate ShinyHunters has published a massive trove of stolen data belonging to Charter Communications, following an apparent breakdown in ransom negotiations.
The threat actors announced the leak on their dark web leak site, claiming they released 42 million records in retaliation for the telecom giant’s refusal to meet their demands. Charter Communications, which operates under the consumer brand Spectrum, is the largest cable operator and the fifth-largest telephone provider in the United States. The company has reportedly confirmed that it suffered a data breach.
“The company failed to reach an agreement with us despite our incredible patience, all the chances and offers were made,” the group wrote in a public statement on their blog.
An independent analysis of the leaked dataset by the Cybernews research team reveals that the exposure compromises the data of at least 13 million individuals. Cybersecurity experts note that the data primarily targets the corporate arm of the telecom giant.
The breach breakdown includes several highly sensitive categories:
-
The majority of the leaked customer information originates from Spectrum Enterprise, a specialised division providing telecommunications services to major corporations, large businesses, and government agencies. Exposed details include full names, corporate addresses, home addresses, and workplace email domains.
-
The dump includes nearly 10 million records from internal customer support tickets, which contain direct contact information such as individual phone numbers and email addresses.
-
Roughly 27,000 Charter employees have had their professional identities compromised, with work emails, exact job titles, and a number of physical home addresses exposed in the dump.
Security analysts warn that the specific composition of this stolen data makes it highly dangerous for those affected. Because the leak features heavily corporate email addresses, titles, and workplace domains, attackers are uniquely positioned to launch highly targeted phishing campaigns.
“Charter clients and employees may face increased risks of social engineering linked to the leaked data,” the Cybernews research team warned. Social engineering involves manipulating individuals into handing over confidential information, often through highly personalised scam emails or phone calls using the stolen data to build trust.
Experts also note that beyond the immediate threat to individuals, the security failure poses serious long-term risks to Charter’s business operations, impacting financial losses and reputation.
Charter Communications has not yet detailed how attackers initially gained access to their network or whether they are providing identity theft monitoring services for the millions of affected employees and enterprise clients.
