Brightspeed, one of the largest fiber broadband providers in the United States, has launched an investigation into alleged cybersecurity breach and data theft claims made by the Crimson Collective.
Founded in 2022, Brightspeed is a U.S.-based telecommunications and internet service provider that delivers broadband services to rural and suburban communities across 20 states.
In a statement shared with a technology news outlet, Brightspeed said, “We take the security of our networks and protection of our customers’ and employees’ information seriously and are rigorous in securing our networks and monitoring threats. We are currently investigating reports of a cybersecurity event. As we learn more, we will keep our customers, employees and authorities informed.”
The response follows claims made by Crimson Collective, which said in a Sunday update on its Telegram channel that it had stolen sensitive data belonging to more than 1 million Brightspeed customers.
According to the group, the allegedly stolen data includes customer and account details containing personally identifiable information (PII), address records, user account data linked to session and user IDs, names, email addresses, phone numbers, payment history, limited payment card information, and appointment or order records that also include customer PII.
“If anyone has someone working at BrightSpeed, tell them to read their mails fast! We have in our hands over 1m+ residential user PII’s,” the group said. It added that a data “sample will be dropped on monday night time, letting them some time first to answer to us.”
Crimson Collective has been linked to several high-profile incidents in recent months. In October, the group breached a GitLab instance belonging to Red Hat, stealing around 570GB of data from about 28,000 internal development repositories. The breach affected Red Hat’s consulting division.
Following that incident, Crimson Collective partnered with the Scattered Lapsus$ Hunters group and used the ShinyHunters data leak site as part of its extortion efforts. In December, Nissan confirmed that the personal data of approximately 21,000 Japanese customers was compromised due to the Red Hat breach.
The group has also targeted Amazon Web Services environments, using exposed AWS credentials and creating unauthorized identity and access management accounts to escalate privileges and extract data.
Brightspeed has not confirmed any data loss so far and said its investigation is ongoing.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
