Brightspeed, the Charlotte, NC-based internet service provider with over one million fiber broadband customers in 20 states, is investigating security breach and data theft claims made by the hacker group Crimson Collective, according to BleepingComputer. Brightspeed is responding to a Telegram post made by Crimson Collective on January 4, which alleged that it had obtained sensitive personally identifiable information and account details on Brightspeed customers.
“We take the security of our networks and protection of our customers’ and employees’ information seriously and are rigorous in securing our networks and monitoring threats. We are currently investigating reports of a cybersecurity event,” Brightspeed said in a statement to BleepingComputer.
In October, the hackers gained unauthorized access to one of Red Hat’s GitLab products, part of the company’s consulting division, resulting in the theft of approximately 570GB of data from 28,000 internal development repositories. Subsequently, Crimson Collective collaborated with the Scattered Lapsus$ Hunters group and utilized the ShinyHunters data leak site in an attempt to exhort Red Hat. In December, Nissan disclosed that the personal information of around 21,000 Japanese customers was compromised due to the Red Hat data breach.
Since then, Crimson Collective has targeted AWS cloud environments to steal data and extort companies by exploiting exposed AWS credentials and creating unauthorized identity and access management accounts to escalate privileges, according to BleepingComputer.