Potentially millions of Time Warner Cable customers had their details exposed to the public due to carelessness.
All too often, customers of corporations become victims due to security practices that aren’t up to date. But what if a company careless? What if records are left out there with nothing securing them? This is the type of situation that was recently uncovered which left Time Warner Cable customer’s information exposed.
A little over 600GB of Time Warner Cable data was found sitting on Amazon servers without any password protection, effectively leaving this data available to anyone that stumbled upon it. The data contained such customer information as usernames, email addresses, MAC addresses, device serial numbers, billing addresses, phone numbers and financial transaction information. It wasn’t just customer data. The servers also contained internal company records, internal emails, and credentials to external systems. The Amazon servers were linked to BroadSoft, a global communications company that partners with TWC and other service providers.
Luckily, it appears that while this information was available to the public, it was not actually accessed by any malicious actors. While that is good news, Broadsoft’s response is not very comforting. They have assured that this data has now been secured, and state that they don’t believe any of the information was highly sensitive. I do not agree. As we all know, breaches such as these are often used by malicious actors to collect information which may be used to gain entrance to customer’s other accounts.
The data comes from the MyTWC application, dating all the way back to 2010. If you utilized this app and services during this time, be sure to check and change any shared logins and passwords. While it appears users are safe in this breach, it’s better to be safe than sorry.