Time Warner Cable was the target on the latest cyber attack on user accounts and the company is advising around 320.000 customers to change their passwords. The firm sent this message to the customers:
“Our understanding is that the compromise had nothing to do with TWC’s systems or processes. TWC has found no evidence of a breach in its systems that operate and secure email accounts for our customers.”
In addition to that, customers throughout Time Warner’s nationwide service territory were advised to change their passwords. They can do this by navigating to http://twc.com/emailpassword and following the instructions given by TWC. According to a spokeswoman of the company, only customers with Roadrunner e-mail addresses (those with “rr” in the domain name) are affected by the hacker attack.
Time Warner Cable did not discover the breach by themselves, the information of the possible attack was provided by the FBI. Now that TWC knows about the attack, they are investigating how that hackers acquired the account details of around 320.000 customers. They suspect that the hackers may have came through phishing attacks or via breaches of third parties that store TWC customer information.
Since most customers are using the same (or almost the same) passwords for most websites, the hackers can take advantage of that by using the username and the password that they have stolen from the users’ TWC accounts. It is possible that the breachers may use those credentials for other websites too.
TWC is not the only cable company that is being targetted by hackers, Comcast, a fellow cable company, has been breached too in November 2015. They have stolen around 590.000 account details from the customers, however, Comcast said there’s “no evidence to suggest any personal customer information was obtained in this incident.” The statement did not reflect the truth since around 200.000 Comcast account details were listed for sale on a dark net market at the time.
However, Comcast wasn’t the biggest of all, most high-profile ISP attack has been against TalkTalk, an internet service provider located in the United Kingdom. In October, the company admitted that it had fallen the victim of a “significant and sustained” cyber attack on its website, in which hackers ”may have gained access to personal data of four million or more people”. The compromised data included not just simple account details (like username, password and access to the membership), but also company names, addresses, date of birth, phone numbers, account information, and credit card and/or banking details.