Thursday, 23 November 2017
Latest news
Main » Data On 'Millions' Of Time Warner Cable Customers Leaked

Data On 'Millions' Of Time Warner Cable Customers Leaked

06 September 2017

Four million personal records of Time Warner cable customers were exposed.

Customer data for units of Charter Communications Inc. and other companies was left unprotected online in data stockpiles that Broadsoft Inc. kept online, security company Kromtech Alliance Corp. wrote on a company blog.

It came across two Amazon servers linked to global communications company BroadSoft, a TWC partner, the report said.

"We see more and more examples of how bad actors use leaked or hacked data for a range of crimes or other unethical purposes", Bob Diachenko, Kromtech's chief communications officer said.

More news: Andrew Luck 'unlikely' to play Week 1

The records went far as back as November 2010, predating Charter's 2016 acquisition of Time Warner Cable for US$78.7 billion, including assumed debt.

There are some databases that had phone numbers, billing addresses and additional contact info for hundreds of thousands of TWC subscribers.

The exposed repository also contained a trove of internal company records including SQL database dumps, internal emails, codes with access credentials, access logs and more.

Researchers said they discovered the data repositories during their investigation into the unrelated World Wrestling Entertainment (WWE) data leak.

More news: IFA 2017: Huawei reveals low-power Kirin 970 mobile AI chipset

"Even if companies realise they've accidentally published sensitive data via Amazon and locked up their data buckets, there is always the risk that Google has already indexed and cached the information", Mr Cluley said.

As the report is quick to note, Time Warner Cable isn't alone when it comes to leaving customer and company data exposed on Amazon cloud servers.

The data included usernames, email addresses, MAC addresses, device serial numbers and financial transaction information, although it doesn't appear that social security numbers or credit card information was involved.

It appears as though numerous customers who are affected were also using the Time Warner Cable smartphone app.

More news: Super Eagles victory was down to prayers - Governor Udom

There's no indication yet that happened, but Kromtech is quick to state it will take some time and plenty of leg work to determine the impact and breadth of the exposure. As a general security measure, we encourage customers who used the My TWC app to change their user names and passwords. Engineers are deemed to have accidentally leaked not only partner data but also internal sensitive data to malicious individuals. Upon discovery, the information was removed immediately by the vendor, and we are now investigating this incident with them.

Data On 'Millions' Of Time Warner Cable Customers Leaked