US broadband provider Brightspeed investigates breach claims

Published:

5 januari 2026 om 20:01:17

Alert date:

5 januari 2026 om 21:02:21

Source:

bleepingcomputer.com

Data Breach & Exfiltration, Network Infrastructure

US broadband provider Brightspeed is investigating security breach and data theft claims made by the Crimson Collective extortion gang. Brightspeed is one of the largest fiber broadband companies in the United States. The incident involves potential data compromise affecting the telecommunications provider. The Crimson Collective is known for extortion operations targeting organizations. This represents a significant potential breach of a major US telecommunications infrastructure provider.

Technical details

Crimson Collective claims to have stolen sensitive information from over 1 million Brightspeed customers. The stolen data allegedly contains customer/account details with personally identifiable information (PII), address information, user account information linked to session/user IDs (including names, emails, and phone numbers), payment history, some payment card information, and appointment/order records containing customer PII. The group has previously targeted AWS cloud environments using exposed AWS credentials and creating rogue identity and access management (IAM) accounts to escalate privileges.

Mitigation steps:

Brightspeed is investigating the reports and stated they will keep customers, employees and authorities informed as they learn more. The company emphasized they take network security and protection of customer and employee information seriously and are rigorous in securing their networks and monitoring threats.

Affected products:

Brightspeed broadband services