Frontier Sends Update to 750,000 Customers Hit By Data Hack

Frontier Sends Update to 750,000 Customers Hit By Data Hack
A man types on a computer keyboard on Feb. 28, 2013. (Kacper Pempel/Reuters)

Telecommunications firm Frontier Communications has suffered a data breach that led to the compromise of personal details of its customers as hackers put up the info for sale.

On June 6, Frontier notified patrons about the data breach that affected 751,895 individuals.

“On April 14, 2024, we detected unauthorized access to some of our internal IT systems,” the letter said. “Our investigation identified your personal information among the data affected by this incident.”

In an April 15 filing with the U.S. Securities and Exchange Commission, Frontier had acknowledged the attack, admitting that the personal data of its users had been stolen. However, further details were not available.

On June 2, Brett Callow, a threat analyst at antivirus software firm Emsisoft, said in an X post that cybercrime group RansomHub was behind the hacking incident. She posted a screenshot of RansomHub offering the data for sale.

According to the screenshot, the hacking group claims it has the dataset of more than two million Frontier customers. Personal details for sale included names, addresses, emails, social security numbers, credit scores, dates of birth, and phone numbers, with a combined data size of 5 GB.

RansomHub claimed they gave Frontier two weeks to contact them. However, the company does not “care about clients data,” the hacking group stated, according to the screenshot.

In the June letter to users, Frontier said that after discovering the hacking incident in April, the company “retained leading cybersecurity experts to support the investigation and contain the incident.”

“We also took steps to further strengthen our network security and prevent further access by the third party. We have notified law enforcement and applicable regulatory authorities,” the company said.

Frontier, which serves about 3.5 million customers across 25 U.S. states, is offering all affected customers free credit monitoring and identity theft resolution services for one year through the risk advisory firm Kroll.

The company also advised customers to “remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors.” Customers who have questions can contact the firm at (866) 898-2643.

According to a May 9 report from cybersecurity firm Forescout, RansomHub victimized 45 entities between February and April this year. The majority of victims, 13, were from the United States, followed by Brazil with six victims, and the UK, Spain, and Italy with three each.

RansomHub’s hacking operation began in February. Their first victim was YKP LTDA, a financial consulting company from Brazil, according to Forescout.

Also targeted by the hacking group was Change Healthcare, one of the biggest health payment processing companies globally, which acts as a clearinghouse for 15 billion medical claims annually.

Change Healthcare was attacked by hackers affiliated with the hacking group AlphV in February. Some AlphV members had been recruited into RansomHub, the report said.

Another report by cybersecurity company SOC Radar states that RansomHub refrains from targeting China, North Korea, Cuba, and the Commonwealth of Independent States (CIS), a group of 11 nations from the former USSR.

SOC Radar suggests RansomHub “likely” has roots in Russia.

“While they suggest a global hacker community, their operations notably resemble a traditional Russian ransomware setup. Their stance on Russian-affiliated nations and the overlap in targeted companies with other Russian ransomware groups are also worth noting,” the report said.

Law firms are already probing legal claims against Frontier.

In a June 7 press release, Murphy Law Firm said it was investigating claims “on behalf of all individuals whose personal and confidential information was compromised in the data breach.”

Law firm Edelson Lechtzin LLP also said they are investigating claims in the case.

Cyberthreats Facing the United States

Security experts have been warning that critical American infrastructure such as communication networks and energy supplies face a threat from cyber criminals.

In February, FBI Director Christopher Wray pointed to the Chinese Community Party (CCP) as a key cyber hazard to U.S. infrastructure.

Hackers sponsored by China were “pre-positioned” for potential cyberattacks against American natural gas and oil companies in 2011, he said during a security conference. “But these days, it’s reached something closer to a fever pitch.”

“What we’re seeing now, is China’s increasing buildout of offensive weapons within our critical infrastructure, poised to attack whenever Beijing decides the time is right.”

A March 25 report from the Foundation for Defense of Democracies (FDD) called for the creation of an independent cyberservice for the U.S. military, alongside the Army, Air Force, Navy, Marine Corps, Coast Guard, and Space Force.

It pointed out that the “scope and scale” of cyber threats were growing, with the CCP having already centralized its cyber, electronic warfare, space, and psychological warfare capabilities. Besides China, Russia also poses a threat to American critical infrastructure, the FBI said.

In the face of these threats, America’s “cyber force generation system is clearly broken,” the report said. “Fixing it demands nothing less than the establishment of an independent cyber service.”

The FDD recommended that Congress create a Cyber Force branch with a starting staff level of 10,000 employees and a $16.5 billion budget.

During a Senate hearing on June 4, Mr. Wray requested $11.3 billion in funding for the FBI while saying the country was facing “elevated” threats. He cited several national security concerns, including the threat of hackers conducting ransomware and other cyber attacks against American businesses and critical infrastructure.

The Subcommittee on Cybersecurity, Information Technology, and Government Innovation held a hearing on May 16 on Chinese cyber threats.

William Evanina, the former special assistant to the president and White House cybersecurity coordinator, warned that the CCP’s capabilities are “second to none” as an adversary.

“Cyber breaches, insider threats, surveillance, and penetrations into our critical infrastructure have all been widely reported and we have become numb to these episodes, as a nation.”

The CCP already has a “stranglehold” on many aspects of America’s supply chain, which puts the United States in a vulnerable situation, he said.

“When we move to new areas of the CCP’s actions to include surveillance balloons, technical surveillance stations in Cuba, maritime cranes, Huawei, TikTok, strategic land purchases, foreign influence, etc., the collage begins to paint a bleak mosaic.”

From The Epoch Times

ntd newsletter icon
Sign up for NTD Daily
What you need to know, summarized in one email.
Stay informed with accurate news you can trust.
By registering for the newsletter, you agree to the Privacy Policy.