ShinyHunters claimed responsibility for a breach at Charter Communications that led to the exposure of personal data from 4.9 million accounts after a vishing attack on an employee’s Microsoft Entra account. The group also leaked data taken from Charter’s Salesforce instance after the company reportedly refused to pay the ransom demand, while Charter said no sensitive personal information or CPNI was exfiltrated. #ShinyHunters #CharterCommunications #MicrosoftEntra #Salesforce
Keypoints
- ShinyHunters claimed a breach of Charter Communications in early April.
- The attack reportedly began with a vishing call that compromised Microsoft Entra access.
- The gang said it stole 42 million records from Charter’s Salesforce instance.
- Have I Been Pwned confirmed 4.9 million accounts were affected by the leak.
- The FBI has warned victims not to pay ShinyHunters’ ransom demands.