ShinyHunters Breach Exposes 4.9 Million Charter Communications Accounts
**Charter Communications**, a major U.S. telecom provider, suffered a data breach in early April after being targeted by the **ShinyHunters** extortion gang. The breach resulted in the exposure of personal information belonging to 4.9 million accounts, prompting concerns about data security and potential misuse.
**ShinyHunters** claimed responsibility for the breach, asserting they compromised **Charter's** systems on April 1 through a voice phishing (vishing) attack targeting an employee's **Microsoft Entra** account. They allege stealing 42 million records from the company's **Salesforce** instance, including customer and business data.
### Details of the Breach
The stolen information reportedly includes:
* Consumer and business customer names
* Email addresses
* Physical addresses
* Phone numbers
* Phone types
* Plan information
* Support ticket data
* Some Customer Proprietary Network Information (CPNI)
**Charter** confirmed the breach earlier this week but stated that no sensitive personal customer information or CPNI data was exfiltrated. However, **Have I Been Pwned** analyzed the leaked data and confirmed that 4.9 million unique email addresses were exposed, along with names, phone numbers, and physical addresses. Approximately 85,000 records from an internal employee directory also included job titles.
### ShinyHunters' Tactics
**ShinyHunters** has a history of targeting **Salesforce** customers, claiming to have stolen billions of records in previous attacks, including **Salesforce Aura** data theft attacks and a **Salesloft Drift** campaign.
The **FBI** has advised victims of **ShinyHunters** not to pay ransom demands, as this does not guarantee the data will be returned or destroyed and may lead to further extortion attempts.
### Previous Breaches
This is not the first time **Charter Communications'** systems have been compromised. The company was previously affected by a wave of breaches attributed to a Chinese state-backed threat group known as Salt Typhoon. Other affected companies included **AT&T**, **Verizon**, **Consolidated Communications**, **Windstream**, and **Lumen**.
<a rel="noopener nofollow" href="https://hubs.li/Q048zztN0"><img alt="article image" src="https://www.bleepstatic.com/c/p/validation-gap.jpg"></a>
## <a rel="noopener nofollow" href="https://hubs.li/Q048zztN0">The Validation Gap: Automated Pentesting Answers One Question. You Need Six.</a>
Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold.
This guide covers the 6 surfaces you actually need to validate.
<a rel="noopener nofollow" href="https://hubs.li/Q048zztN0">Download Now</a>