Cyber Threat Radar – In a recent security breach, Frontier Communications fell victim to a ransomware cyberattack in April, resulting in the compromise of Social Security numbers for 750,000 users.
The Internet Service Provider (ISP) has reported that the RansomHub hackers were able to gain access to Social Security numbers. However, the ransomware gang asserts that they have obtained a significant amount of data, including the Social Security numbers of over 2 million Frontier customers.
Ransomware Gang Preparing To Sell Stolen Data
The ISP has reported the incident to Maine’s attorney general, stating that a total of 751,895 individuals were affected. Frontier Communications is now in the process of notifying impacted customers about the breach, while the hacking group allegedly behind the attack, is preparing to sell the stolen data. The stolen information, totaling 5GB of Frontier data, also includes dates of birth, email addresses, phone numbers, and physical addresses of 2 million customers.
The group expressed their disappointment with Frontier’s lack of response, stating that they had given the company a two-month window to reach out, but claimed that Frontier doesn’t prioritize the security of their clients’ data. The group even went as far as posting a screenshot of some of the stolen data, highlighting the potential risks of such information falling into the hands of cybercriminals who could exploit it for identity theft schemes.
RansomHub Is New Ransomware Group
RansomHub, a relatively new ransomware group, has been making headlines recently for targeting numerous companies and organizations, including renowned auction house Christie’s. Similar to other ransomware providers, RansomHub offers access to its attacks to other cybercriminals, taking a 10% cut from the resulting profits.
During a May earnings call, Frontier executives assured that their IT Team swiftly contained the incident and restored operations to normalcy. Frontier also reassures customers that they do not believe personal financial information has been compromised.
“At SentryBay, we are acutely aware of the challenges posed by ransomware attacks and have developed our Armored Client solution specifically to address them,” said Tim Royston-Webb, CEO, SentryBay. “What sets Armored Client apart is its ability to protect against illegal screen capture and keystroke logging. This ensures that sensitive customer data such as the information put up for sale in the Frontier Communications incident remains secure, even in the face of sophisticated cyber threats.”