RansomHub claims to have stolen information from two million Frontier Communications customers last week, totaling 5 GB of data. Security Affairs reported that stolen data included names, email addresses, SSNs, credit scores, dates of birth, and phone numbers.
The ransomware group posted screenshots online of compromised data with the message, “We gave Frontier 2 months to contact us, but they don’t care about clients’ data. Now, anyone who wants to buy this data can contact our blog support; we only sell it once.” RansomHub threatened to publish the stolen data if Frontier did not pay the ransom within nine days.
Frontier was aware of a data breach, notifying the Securities and Exchange Commission (SEC) of a cyberattack on April 14. The company shut down its systems, launched an investigation, and implemented actions to contain the incident.
“Based on our investigation, we have determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information,” Frontier said in its SEC Form 10-Q (quarterly report of financial performance) in May. The company added that it “engaged cybersecurity experts and have notified law enforcement authorities.”
Frontier contacted over 751,895 customers of the data breach last week, notifying them that their personal information was stolen in the attack. Security Affairs reported that Frontier does not believe that financial information was affected.
The company is offering impacted customers a year of complimentary credit monitoring and identity theft resolution services. It advises affected individuals to “remain vigilant” in identifying “suspicious activity” on accounts.
Reader Interactions