Frontier Sends Update to 750,000 Customers Hit by Data Hack

Frontier Sends Update to 750,000 Customers Hit by Data Hack

A hacker uses his computer in Dongguan, China's southern Guangdong Province, on Aug. 4, 2020. (Nicolas Asfouri/AFP via Getty Images)

Naveen Athrappully
Naveen Athrappully

6/10/2024

Updated: 6/10/2024

0

Telecommunications firm Frontier Communications said that a data breach allowed hackers to access personal details of its customers and put the info up for sale.

On June 6, Frontier notified patrons about the data breach that affected 751,895 individuals.

“On April 14, 2024, we detected unauthorized access to some of our internal IT systems,” the letter said. “Our investigation identified your personal information among the data affected by this incident.”

In an April 15 filing with the U.S. Securities and Exchange Commission, Frontier acknowledged the attack and that the personal data of its users had been stolen. However, further details weren’t available.

On June 2, Brett Callow, a threat analyst at antivirus software firm Emsisoft, said in a post on social media platform X that the cybercrime group RansomHub was behind the hacking incident. She posted a screenshot of RansomHub offering the data for sale.

According to the screenshot, the hacking group claims it has the dataset of more than 2 million Frontier customers. Personal details for sale included names, addresses, emails, social security numbers, credit scores, dates of birth, and phone numbers, with a combined data size of 5 GB.

While RansomHub claimed they gave Frontier two weeks to contact them, the company does not “care about clients data,” the hacking group stated, according to the screenshot.

In the June letter to users, Frontier said that after discovering the hacking incident in April, the company “retained leading cybersecurity experts to support the investigation and contain the incident.”

“We also took steps to further strengthen our network security and prevent further access by the third party. We have notified law enforcement and applicable regulatory authorities,” the company said.

Frontier, which serves about 3.5 million customers across 25 U.S. states, is offering all affected customers free credit monitoring and identity theft resolution services for one year through the risk advisory firm Kroll.

The company also advised customers to “remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors.” Customers who have questions can contact the firm at (866) 898-2643.

RansomHub victimized 45 entities between February and April this year, according to a May 9 report from cybersecurity firm Forescout. The United States was home to the most victims, 13, followed by Brazil, with six, and the UK, Spain, and Italy, with three each.

RansomHub’s hacking operation began in February. Their first victim was YKP LTDA, a financial consulting company from Brazil, according to Forescout.

Also targeted by the hacking group was Change Healthcare, one of the biggest health payment processing companies globally, which acts as a clearinghouse for 15 billion medical claims annually.

Change Healthcare was attacked by hackers affiliated with the hacking group AlphV in February. Some AlphV members had been recruited into RansomHub, the report said.

RansomHub refrains from targeting China, North Korea, Cuba, and the Commonwealth of Independent States, a group of 11 nations from the former USSR, according to a report by cybersecurity company SOC Radar.

SOC suggests RansomHub “likely” has roots in Russia.

“While they suggest a global hacker community, their operations notably resemble a traditional Russian ransomware setup. Their stance on Russian-affiliated nations and the overlap in targeted companies with other Russian ransomware groups are also worth noting,” the report said.

Law firms are already probing legal claims against Frontier.

In a June 7 statement, Murphy Law Firm said it was investigating claims “on behalf of all individuals whose personal and confidential information was compromised in the data breach.”

Law firm Edelson Lechtzin LLP also said they are investigating claims in the case.

Cyberthreats Facing the United States

Security experts have been warning that critical U.S. infrastructure such as communication networks and energy supplies face a threat from cyber criminals.

In February, FBI Director Christopher Wray pointed to the Chinese Community Party (CCP) as a key cyber hazard to U.S. infrastructure.

Hackers sponsored by China were “pre-positioned” for potential cyberattacks against U.S. natural gas and oil companies in 2011, he said during a security conference.

“But these days, it’s reached something closer to a fever pitch,” he said.

“What we’re seeing now, is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right.”

A March 25 report from the Foundation for Defense of Democracies (FDD) called for the creation of an independent cyberservice for the U.S. military, alongside the Army, Air Force, Navy, Marine Corps, Coast Guard, and Space Force.

It pointed out that the “scope and scale” of cyber threats are growing, with the CCP having already centralized its cyber, electronic warfare, space, and psychological warfare capabilities. Besides China, Russia also poses a threat to American critical infrastructure, the FBI said.

In the face of these threats, America’s “cyber force generation system is clearly broken,” the report said. “Fixing it demands nothing less than the establishment of an independent cyber service.”

The FDD recommended that Congress create a Cyber Force branch with a starting staff level of 10,000 employees and a $16.5 billion budget.

During a Senate hearing on June 4, Mr. Wray requested $11.3 billion in funding for the FBI, saying the country is facing “elevated” threats. He cited several national security concerns, including the threat of hackers conducting ransomware and other cyber attacks against U.S. businesses and critical infrastructure.

The Subcommittee on Cybersecurity, Information Technology, and Government Innovation held a hearing on May 16 on Chinese cyber threats.

William Evanina, the former special assistant to the president and White House cybersecurity coordinator, warned that the CCP’s capabilities are “second to none” as an adversary.

“Cyber breaches, insider threats, surveillance, and penetrations into our critical infrastructure have all been widely reported and we have become numb to these episodes, as a nation.”

The CCP already has a “stranglehold” on many aspects of America’s supply chain, which puts the United States in a vulnerable situation, he said.

“When we move to new areas of the CCP’s actions to include surveillance balloons, technical surveillance stations in Cuba, maritime cranes, Huawei, TikTok, strategic land purchases, foreign influence, etc., the collage begins to paint a bleak mosaic.”

Tags:hacking
Copy
facebooktwitterlinkedintelegram

Naveen Athrappully is a news reporter covering business and world events at The Epoch Times.

Author's Selected Articles

©2023-2024 California Insider All Rights Reserved. California Insider is a part of Epoch Media Group.