Spectrum Owner Charter Says Data Breach Exposed 4.9 Million Accounts

The hacker group ShinyHunters has been on a tear this year, having compromised several organizations and leaking the information of those that refused to pay up. The latest data breach involves Charter Communications, which offers consumers and businesses broadband internet services through its Spectrum brand.

The intrusion into Charter’s systems occurred back in April, with ShinyHunters claiming that it was able to nab 42 million records. The group demanded a ransom from the company, which Charter opted not to pay, and that led to a public data dump of the information.

In a statement to Bleeping Computer the company said that “no sensitive personal information (PI) or customer proprietary network information (CPNI) data was exfiltrated by the threat actor as a result of recent activity."

However, Have I Been Pwned analyzed the data included in the leak and shared that it exposes “4.9M unique email addresses along with names, phone numbers and physical addresses.” Moreover, roughly 85,000 of these records look to have been pilfered from an internal employee directory as they include information such as job titles.


While the majority of ShinyHunters’ successful hacks have recently involved leveraging security issues related to the Salesforce platform, this attack started with voice phishing and social engineering. It’s a technique where a malicious actor tricks someone into divulging information through a phone call, and in this case, it led to the group acquiring access to the Microsoft Entra account of a Charter employee.

Once the hackers gained a foothold through Microsoft Entra they quickly pivoted to an environment they are familiar with, the company’s Salesforce instance. This move provided access to the personal information of the millions of accounts that it would ultimately end up releasing online.

ShinyHunters have claimed the group will be “retiring” sometime soon. Time will tell if that proves accurate.