Pierluigi Paganini June 04, 2024

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site.

The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications. The RansomHub group claims to have stolen 5GB of data from the telecommunications giant.

Stolen data include names, email addresses, SSNs, credits, scores, dates of birth, and phone numbers.

“Data is more than 2 million customer with address name email ssn credit score date of birth and phone number. We gave frontier 2 months to contact us but they don’t care about clients data. Below is screenshot of some of the data.” reads the message published by the group. “Now anyone who wants to buy this data can contact our blog support, we only sell it once.”

In April, Frontier Communications notified the Securities and Exchange Commission (SEC) that it had to shut down certain systems following a cyberattack. The incident was identified on April 14 after that an unauthorized threat actor gained unauthorized access to parts of its IT environment.

The company launched an investigation into the security breach and started operations to contain the incident.

“Based on our investigation, we have determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.” reads the Form 10-Q (quarterly report of financial performance) filed by the company with the SEC in May. “While we do not believe the incident is reasonably likely to materially impact our financial condition or results of operations, we continue to investigate the incident, have engaged cybersecurity experts, and have notified law enforcement authorities.”

The company did not provide details about the attack and has yet to disclose the number of the impacted people.

RansomHub has published an image of the stolen records as proof of the data breach and threatens to publish the stolen data if the victim will not pay the ransom within nine days.

At the end of May, Auction house Christie disclosed a data breach following a RansomHub cyber attack that occurred in the same month.

The extortion group said they had stolen 2GB of sensitive information, including personal information belonging to at least 500,000 Christie’s clients.

Pierluigi Paganini

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

(SecurityAffairs – hacking, ransomware)