Frontier Communications Clients Impacted by Data Breach Incident

Frontier Communications, a major telecommunications firm, has disclosed a significant data breach affecting over 751,000 clients.

The breach, reported to the Office of the Maine Attorney General, was first detected on April 14, 2024, and involves unauthorized access to personal information, including Social Security numbers.

Frontier Communications Parent, Inc., headquartered in Dallas, Texas, is a leading provider of telecommunications services, including internet, phone, and television services, to millions of customers across the United States.

The company serves both residential and business clients, offering a range of broadband solutions and communication services. Despite its extensive customer base, Frontier has faced challenges in recent years, including financial restructuring and efforts to modernize its infrastructure.

Breach details

The breach was discovered on April 14, 2024, when Frontier detected unauthorized access to its internal IT systems. The company immediately initiated its cyber incident response protocols, including containment measures that resulted in temporary operational disruptions. Frontier first disclosed the incident in a Form 8-K filing with the United States Securities and Exchange Commission on April 18, 2024.

The filed breach notification reveals that the cyberattack occurred on April 13, 2024, and the breach was confirmed the following day. The company has since engaged leading cybersecurity experts and notified law enforcement and relevant regulatory authorities.

The breach involved an external hacking incident that compromised sensitive personal information, including names and Social Security numbers. Frontier has emphasized that financial information was not affected. The firm has initiated measures to strengthen its network security and prevent future incidents.

Frontier began notifying affected customers on June 6, 2024. The company is offering 12 months of complimentary credit monitoring and identity theft resolution services through Kroll. In the notification letter, Frontier detailed the steps it is taking to address the breach and provided guidance on how customers can protect their personal information.

Affected individuals are advised to activate their identity monitoring services via Kroll’s enrollment website. Frontier has also recommended vigilance against identity theft and fraud, encouraging customers to monitor their credit reports and account statements for suspicious activity.

Attribution and ransom demands

The attack has been claimed by the RansomHub cybercriminal group.

The group posted on their dark web extortion site that they have data on over 2 million customers, including sensitive personal details. RansomHub claimed that Frontier was given two months to respond to their demands but failed to do so, leading to the next phase which is public disclosure of the data in seven days.

The threat actors leaked the following as proof of the alleged breach:

• Names
• Addresses
• Email addresses
• Social Security numbers (SSNs)
• Credit scores
• Dates of birth
• Phone numbers

This extensive set of personal information poses significant risks for identity theft and other forms of fraud. RansomHub claimed to have obtained data on more than 2 million customers and has made it available for purchase on their dark web extortion site, indicating the high potential for this information to be misused.

Frontier Communications customers should utilize the offered Kroll services, regularly review credit reports for any unauthorized activity, and consider placing fraud alerts or security freezes on credit files.