Inside the Charter data breach: hackers leak 13M+ customer data

Published: 28 May 2026
Last updated: 29 May 2026
charter spectrum leak
Photo by Cheng Xin/Getty Images.
Listen to this article

One of America’s largest telecommunications companies, Charter Communications, has suffered a data breach, with hackers leaking tens of millions of its records. Our team believes that over 13 million individuals had their details exposed on the dark web. Meanwhile, Charter denies sensitive data was stolen.

Key takeaways:
  • Hackers leaked over 13 million Charter customer records after the company suffered a hacker attack by ShinyHunters.
  • Exposed data includes full names, email addresses, home and company addresses, plus details from numerous support tickets.
  • Nearly 27,000 Charter employees had work emails, job titles, and some home addresses compromised in the breach.
  • Leaked information enables social engineering attacks, spearphishing campaigns, and fraud targeting Charter customers and staff.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.

The notorious hacker group ShinyHunters just posted Charter data on its dark web blog, claiming that it failed to reach an agreement with the company. The message most likely indicates that Charter refused to meet the hackers’ ransom demands.

ADVERTISEMENT

“The company failed to reach an agreement with us despite our incredible patience, all the chances and offers were made,” ShinyHunters said in its dark web post.

In retaliation, the attackers claim they’ve released 42 million Charter records stolen from the company. Charter Communications, better known as Spectrum to its customers, is the largest cable operator in the US and the fifth-largest phone provider in the country.

Meanwhile, Charter says the company is aware of hacker claims and denies any sensitive data was stolen.

“We are aware of the situation, following our security protocols and are working with appropriate authorities. No sensitive personal information (PI) or customer proprietary network information (CPNI) data was exfiltrated by the threat actor as a result of recent activity,” the company's spokeswoman told Cybernews.

charter data leak post
ShinyHiunters' post on the dark web. Image by Cybernews.

What’s inside the Charter data leak?

According to our research team, ShinyHunters did upload millions of records that appear to belong to Charter Communications. The team investigated the upload, noting that most of the customer data appears to come from Spectrum Enterprise.

Spectrum Enterprise is a division of Charter that provides telecommunications services to large businesses, corporations, government agencies, and other large clients. Our team believes that exposed customer data mostly belongs to individuals whose workplaces use Spectrum services.

ADVERTISEMENT

According to our team, the dataset on ShinyHunters’ blog exposed at least 13M individuals. The exposed details include:

  • Full names
  • Email addresses (mostly workplace domains)
  • Company addresses
  • Home addresses
charter data sample
Sample of the leaked data. Image by Cybernews.

The dataset also revealed information from customer support tickets with nearly 10 million records exposed. The information revealed:

  • Subjects
  • Ticket timestamps
  • Customer email addresses
  • Phone numbers

Charter employees were not spared by the data breach either. Our team discovered records on nearly 27,000 of the company’s staff. Charter’s staff exceeds 91,000, meaning the data breach exposed nearly a third of its employees.

Our team identified that attackers leaked Charter staff details that include:

  • Full names
  • Work emails
  • Job titles
  • Limited number of home addresses

All of the leaked information was compressed into 1.5GB. However, the team noted that ShinyHunters’ claim that it leaked over 42 million records isn’t accurate, as there may be numerous duplicates. However, the number of exposed individuals is still very high.

Why is the Charter data breach dangerous?

ADVERTISEMENT

Everyone involved in the data leak, including company customers and employees, will face increased cybersecurity risks. Exposed contact details enable attackers to commit fraud, engage in social engineering, and impersonate others.

“Charter clients and employees may face increased risks of social engineering linked to the leaked data. Moreover, the attack may impact Charter's reputation, which eventually can translate into financial losses,” our team said.

With access to large amounts of corporate email addresses, malicious actors may craft convincing attacks against employees of the same company. In these cases, attackers would impersonate a co-worker and try to trick a victim into revealing more sensitive details.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Threat actors may also conduct spearphishing attacks against Charter employees. Information about job titles, coupled with email addresses, enables them to identify employees with the highest access to the company’s systems. A successful attack of this type would allow deeper access into the company's network.

Headquartered in Stamford, Connecticut, Charter is one of the largest players in the US market, operating in 41 states. The company’s reported revenue exceeded $54 billion in 2025.

Was Charter Communications breached?

The ShinyHunters hacking group has posted what it claims are Charter Communications records on its dark web blog, stating that ransom negotiations with the company failed. While Charter acknowledges the incident, the company denies that sensitive personal information or customer proprietary network information was stolen.

What customer data was exposed in the Charter breach?

Researchers found that the leaked dataset exposes at least 13M individuals, primarily customers of Spectrum Enterprise. The exposed data includes full names, work email addresses, company and home addresses, and phone numbers. Additionally, nearly 10M customer support ticket records were leaked, revealing subjects, timestamps, and contact details.

Were Charter employees' data also stolen?

Our team believes the breach exposed records on approximately 27,000 Charter employees. The leaked employee data includes full names, work emails, job titles, and a limited number of home addresses, making staff particularly vulnerable to targeted spearphishing attacks.

What should Charter customers and employees do now?

Customers and employees should be alert for targeted phishing emails and vishing calls. Attackers with access to job titles and corporate email addresses may impersonate colleagues or IT support to trick victims into revealing passwords or granting system access. Employees with high-level administrative access should be especially cautious and report any suspicious contact to their security teams immediately.

Updated on May 29th [07:00 a.m. GMT] with a statement from Charter.

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites
ADVERTISEMENT

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked