Broadband provider Brightspeed investigates data breach claims

Brightspeed, a US fiber broadband provider, is investigating claims of a data breach declared by Crimson Collective extortion group. The gang claims it stole data of over 1 million customers.

Brightspeed serves rural and suburban areas across 20 states and started operations in 2022. The attacker have listed the stolen data for sale for three bitcoin, or about $276,370.

Crimson Collective usually targets cloud setups through exposed AWS credentials to get access. Once the attackers get in they create fake identity and access management (IAM) accounts to move through systems and steal data.

The gang threatened to leak samples if the company did not respond to their emails. The stolen data allegedly includes:

• Names, email addresses, and phone numbers
• Physical home addresses
• Customer account details and session IDs
• Payment history and some credit card data
• Service appointment and order records

The number of affected individuals and the nature of the attack are not disclosed.

Brightspeed says it is working with authorities to look into the event but has not confirmed the breach so far.