Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Charter Communications hit by network compromise linked to ShinyHunters

Incident
First reported
Last updated
Happening score
H score 22
1 unique sources, 1 articles

Summary

Hide ▲

Charter Communications confirmed a data breach tied to ShinyHunters extortion, raising the risk of customer-data exposure and active follow-on pressure. The company said it is alerting authorities and that no sensitive personal information or CPNI was exfiltrated in recent activity. Attackers claim the compromise began on April 1 through vishing that hit an employee's Microsoft Entra account and led to exports from Salesforce.

Related Happenings

Microsoft civil action against Fox Tempest infrastructure takedown

Regulatory/Legal Action
First: 19.05.2026 18:00 Last: 19.05.2026 18:00 Sources 1

About this happening: Microsoft filed a **civil action** against **Fox Tempest** in the **US District Court for the Southern District of New York**, securing a **court order** that enabled a broad disr...

Open Happening

7-Eleven hit by network compromise

Incident
First: 19.05.2026 17:16 Last: 19.05.2026 17:16 Sources 1

About this happening: **7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...

Open Happening

ShinyHunters voice-phishing campaign targeting SSO accounts for extortion

Campaign
First: 24.01.2026 01:35 Last: 24.01.2026 01:35 Sources 1

About this happening: A **ShinyHunters**-linked extortion campaign is using **voice phishing** to target **Salesforce customers** and steal data for ransom, with the operation first surfacing in **May...

Latest development: 27.04.2026 17:43

ShinyHunters breached ADT after compromising an employee's Okta single sign-on (SSO) account in a vishing attack, then used that access to reach ADT's Salesforce instance and steal data. Have I Been Pwned said the exposed data affected 5.5 million people and included names, phone numbers, addresses, and in a small percentage of cases dates of birth and partial Social Security numbers or Tax IDs; the group later leaked an 11GB archive after extortion failed.

Open Happening

Rising encryptionless extortion incidents against enterprises in 2025

Target Trend
First: 15.01.2026 17:45 Last: 15.01.2026 17:45 Sources 1

About this happening: **Encryptionless extortion** surged in **2025** as attackers increasingly skipped ransomware encryption and instead stole data to pressure victims across **enterprise environments...

Open Happening

Qilin Korean Leaks campaign targeting South Korean financial-sector organizations

Campaign
First: 26.11.2025 16:31 Last: 26.11.2025 16:31 Sources 1

About this happening: **Qilin** ran **Korean Leaks**, a **multi-wave** extortion campaign that hit **South Korean financial organizations** across **September-October 2025**. The operation spread throu...

Open Happening

Timeline

  1. 26.05.2026 22:46 1 articles · 1d ago

    ShinyHunters claims vishing access to Charter Communications on April 1

    Untyped Phase

    ShinyHunters claims it breached Charter Communications on April 1 by using a voice phishing attack to compromise an employee's Microsoft Entra account and then export data from the company's Salesforce instance.

    Show sources
    Open in new tab
  2. 26.05.2026 22:46 2 articles · 1d ago

    Charter Communications confirms a data breach and disputes exfiltration claims

    Initial Disclosure

    Charter Communications says it is alerting authorities and following security protocols after the ShinyHunters extortion threat, and states that no sensitive personal information or CPNI data was exfiltrated in recent activity. The attackers claim they stole 40 million records containing customer names, email addresses, addresses, phone numbers, plan information, some CPNI, and customer support ticket data.

    Show sources
    Open in new tab