Frontier Communications reveals that cyber incident exposed hundreds of thousands


The American telecommunications company Frontier Communications Parent (Frontier) has revealed the extent of the April cyberattack.

On April 14th, 2024, the company detected unauthorized access to its internal IT systems. Upon investigation, Frontier identified that some personal information was among the affected data.

The personal information involved includes:

ADVERTISEMENT
  • Names and other personal identifiers
  • Social Security numbers

According to information that Frontier provided to the Maine Attorney General, the breach exposed the details of over 750,000 people.

The attackers penetrated the company on April 13th, 2024, with Frontier discovering the attack the next day. Upon catching the breach, the company employed cybersecurity experts to contain and investigate the incident.

“We also took steps to further strengthen our network security and prevent further access by the third party. We have notified law enforcement and applicable regulatory authorities,” Frontier said.

Frontier is offering free credit monitoring and identity theft resolution services for 12 months under Kroll.

Earlier this week, a relatively new ransomware gang, known as RansomHub, claimed responsibility for the Frontier breach.

According to Security Affairs, the ransomware group alleged that they had stolen information from roughly two million Frontier customers and 5GB of data from the telecommunications company.

ADVERTISEMENT

The information they claim to have stolen includes names, email addresses, Social Security numbers, credit scores, dates of birth, and phone numbers, Security Affairs said.

Back in April, Frontier informed the Securities and Exchange Commission (SEC) that it had to disable some of its systems as a result of the breach.

Frontier said in a quarterly report that it has “determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.”

RansomHub is new to the ransomware ecosystem, having posted its first victim on February 26th, 2024.

According to a March SOCRadar Dark Web Profile report, the group primarily operates a ransomware-as-a-service business model, charging affiliates a cut of ransom profits in exchange for using its ransomware malware tools.

Analysts claim that the gang’s setup closely resembles a traditional Russian ransomware setup, with the gang avoiding targets in Russia, CIS countries, Cuba, North Korea, and China.

Frontier Communications offers cloud-based services and fiber optic networks to businesses, including universities, healthcare providers, and state and local governments across 25 states.

The company serves approximately 2.9 million customers across 25 states, and its revenue is roughly $5.75 million.

ADVERTISEMENT