top of page
perceptive_background_267k.jpg

Charter Communications data breach affects 4.9 million accounts

Published:

29 May 2026 at 08:29:40

Alert date:

29 May 2026 at 09:01:28

Source:

bleepingcomputer.com

Click to open the original link from this advisory

Data Breach & Exfiltration, Enterprise Applications, Identity & Access

ShinyHunters extortion gang successfully breached Charter Communications, a major U.S. telecommunications provider, in early April 2026. The attack compromised personal information from approximately 4.9 million customer accounts. The breach was reported through Have I Been Pwned data breach notification service. Charter Communications is a significant telecom giant in the United States, making this a high-impact incident affecting millions of customers. The involvement of ShinyHunters, a known extortion group, suggests potential for further exploitation of the stolen data. This represents a major data breach in the telecommunications sector with widespread customer impact.

Technical details

ShinyHunters conducted a voice phishing (vishing) attack on April 1 that compromised an employee's Microsoft Entra account. Using this access, they stole 42 million records from Charter's Salesforce instance. The stolen data included consumer and business customer names, email addresses, physical addresses, phone numbers, phone types, plan information, support ticket data, and some CPNI data. Have I Been Pwned confirmed 4.9 million unique email addresses were exposed along with names, phone numbers and physical addresses, with approximately 85,000 records from an internal employee directory also including job titles.

Mitigation steps:

FBI advises victims not to give in to ShinyHunters' ransom demands. The FBI previously warned that paying ransoms cannot guarantee that threat actors won't attempt to sell the stolen data to other cybercriminals or extort victims again.

Affected products:

Charter Communications Spectrum
Microsoft Entra
Salesforce

Related links:

https://www.bleepingcomputer.com/news/security/charter-confirms-data-breach-after-shinyhunters-extortion-threat/
https://haveibeenpwned.com/Breach/Charter
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-ongoing-salesforce-aura-data-theft-attacks/
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/
https://www.ic3.gov/PSA/2026/PSA260515
https://www.fbi.gov/how-we-can-help-you/scams-and-safety/common-frauds-and-scams/ransomware
https://www.bleepingcomputer.com/news/security/charter-and-windstream-among-nine-us-telecoms-hacked-by-china/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page