Charter Communications data breach affects 4.9 million accounts
Recorded: May 29, 2026, 9:01 a.m.
| Original | Summarized |
Charter Communications data breach affects 4.9 million accounts News Featured Glassworm botnet disrupted after resilient C2 infrastructure takedown CISA gives feds 4 days to patch actively exploited cPanel plugin flaw Windows 11 KB5089573 update released with performance improvements Charter confirms data breach after ShinyHunters extortion threat Charter Communications data breach affects 4.9 million accounts Anthropic confirms Claude Mythos-class models will roll out to the public GreyVibe hackers use ChatGPT, Gemini to power cyberattacks BTMOB Android malware service generates custom phishing payloads Tutorials Latest How to access the Dark Web using the Tor Browser How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11 How to use the Windows Registry Editor How to backup and restore the Windows Registry How to start Windows in Safe Mode How to remove a Trojan, Virus, Worm, or other Malware How to show hidden files in Windows 7 How to see hidden files in Windows Webinars Latest Qualys BrowserCheck STOPDecrypter AuroraDecrypter FilesLockerDecrypter AdwCleaner ComboFix RKill Junkware Removal Tool Deals Categories eLearning IT Certification Courses Gear + Gadgets Security VPNs Popular Best VPNs How to change IP address Access the dark web safely Best VPN for YouTube Forums Virus Removal Guides HomeNewsSecurityCharter Communications data breach affects 4.9 million accounts Charter Communications data breach affects 4.9 million accounts By Sergiu Gatlan May 29, 2026 The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data breach notification service Have I Been Pwned. Charter entry on ShinyHunters leak site (BleepingComputer) The Validation Gap: Automated Pentesting Answers One Question. You Need Six. Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.This guide covers the 6 surfaces you actually need to validate. Related Articles: Breach Sergiu Gatlan Previous Article Post a Comment Community Rules You need to login in order to post a comment Not a member yet? Register Now You may also like: Upcoming Webinar Popular Stories Charter confirms data breach after ShinyHunters extortion threat Microsoft Defender can now automatically isolate hacked endpoints Windows 11 KB5089573 update released with performance improvements Sponsor Posts Overdue a password health-check? Audit your Active Directory for free Protect Your Business from Ecommerce Fraud #1 MSP Benchmark report 2026: Insights from 1,000+ MSPs on growth, security, artificial intelligence, and key 2026 trends. AI is a data-breach time bomb: Read the new report Upcoming Webinar Follow us: Main Sections News Community Forums Useful Resources Welcome Guide Company About BleepingComputer Terms of Use - Privacy Policy - Ethics Statement - Affiliate Disclosure Copyright @ 2003 - 2026 Bleeping Computer® LLC - All Rights Reserved Login Username Password Remember Me Sign in anonymously Sign in with Twitter Not a member yet? Register Now Help us understand the problem. What is going on with this comment? Spam Abusive or Harmful Inappropriate content Strong language Other Read our posting guidelinese to learn what content is prohibited. Submitting... |
The data breach suffered by Charter Communications involved extortion by the ShinyHunters group, who reportedly stole personal information from 4.9 million accounts following a hack in early April. While Charter Communications initially stated that no sensitive personal information or customer proprietary network information was exfiltrated during the recent activity, the threat actors claimed responsibility for the breach, citing a voice phishing attack that compromised an employee's Microsoft Entra account as the entry point. Subsequently, the threat actors claimed to have stolen 42 million records from the company's Salesforce instance, which included consumer and business customer names, email addresses, physical addresses, phone numbers, phone types, plan information, support ticket data, and some customer proprietary network information. When Charter refused the ransom demanded by ShinyHunters to have the stolen data returned and destroyed, the cybercrime group proceeded to leak the documents from the Salesforce instance onto their dark web. Analysis by Have I Been Pwned confirmed that the incident affected 4.9 million unique accounts, exposing names, email addresses, phone numbers, and physical addresses. Furthermore, a subset of approximately 85,000 records originating from an internal employee directory also included job titles. This incident occurred against the backdrop of broader cybersecurity threats; Charter Communications’ systems were also affected by a wave of breaches involving the Chinese state-backed threat group Salt Typhoon, which impacted other major telecommunications entities including AT&T, Verizon, Consolidated Communications, Windstream, and Lumen, as well as telecom companies across numerous other countries. The FBI has advised the victims of the extortion gang not to comply with the ransom demands, warning that payment does not guarantee the threat actors will refrain from further extortion or the sale of the stolen data to other cybercriminals. This event highlights the complexities of data security within large telecommunications organizations and the aggressive tactics employed by sophisticated threat actors targeting enterprise systems and customer data repositories. The incident underscores the necessity for organizations to validate security controls beyond basic network penetration testing to effectively mitigate modern cyber risks. |