Cable TV provider Cox Communications hit by data breach
source link: https://siliconangle.com/2021/12/09/cable-tv-provider-cox-communications-hit-data-breach/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Cable TV provider Cox Communications hit by data breach
Cable television provider Cox Communications Inc. has been hit by a data breach after a hacker impersonated a support agent to gain access to customer information.
After the breach, first reported today by Bleeping Computer, customers started receiving letters from the company this week that warned them of it. The letter stated that on Oct.11, “unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts.”
The company said it had taken steps to secure the affected customer accounts and had notified law enforcement of the incident. Further investigation discovered that the hacker may have viewed certain types of customer information. The information included name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and information on other types of services that a customer receives from Cox.
Affected customers were urged to review their financial account statements for fraudulent activity. Cox is also offering one year of free Experian credit monitoring services “to help relieve concerns and restore confidence following this incident.”
The exact details of how the hacker successfully impersonated a support agent were not disclosed, but it’s likely that social engineering was involved.
“This serves as a reminder that data breaches can happen in many ways and often are the result of human error,” Matt Sanders, director of security at security information and event management firm LogRhythm Inc., told SiliconANGLE. “Social engineering tactics like impersonating trusted colleagues or partners have proven highly successful time and again.”
Sanders added that now that the hackers are armed with a high volume of personally identifiable information, Cox customers are at risk of additional phishing emails and other forms of fraud. “Customers should ensure they are using security best practices such as updating their passwords and leveraging two-factor authentication to protect their accounts,” he said.
Paul Laudanski, head of threat intelligence at enterprise email security company Tessian Ltd., noted that the breach is a stark reminder of the dangers of reused passwords and security questions and answers on other systems.
“Security questions and answers that authenticate internal customer support accounts should be held to a higher security standard than what the agents normally engage in,” Laudanski explained. “Passwords and security questions and answers should never be visible and they should require a higher level of security to prevent account takeover.”
Photo: Cox Communications
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
Join Our Community
Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.
Click here to join the free and open Startup Showcase event.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK