×

Database Error Leaks 4 Million Time Warner Cable Customer Records Online

A configuration error by one of Time Warner Cable’s vendors left a database containing more than 4 million records with info about the cable operator’s customers publicly available on the internet, according to a security software firm.

BroadSoft, a communication software and service provider used by Time Warner Cable, left more than 600 gigabytes of private files publicly accessible online in two separate Amazon Web Services repositories, Kromtech Alliance’s security research team said Friday in a blog post. The BroadSoft data was improperly configured to allow public access in AWS, according to Kromtech.

Most of exposed data appeared related to Time Warner Cable, Bright House Networks and AMC Networks, according to Kromtech. One of the files contained more than 4 million records including usernames, account numbers, transaction IDs and other info spanning Nov. 26, 2010, to July 7, 2017. Other databases Kromtech was able to access in BroadSoft’s AWS repositories had billing addresses, phone numbers and other information for hundreds of thousands of Time Warner Cable customers.

Time Warner Cable and Bright House were both acquired last year by Charter Communications, which is the second-biggest U.S. cable company after Comcast.

In a statement, Charter said the exposed customer info was removed as soon as it was discovered, and said “there is no indication that any Charter systems were impacted.”

“A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources,” Charter said in a statement. “Upon discovery, the information was removed immediately by the vendor, and we are currently investigating this incident with them.”

BroadSoft emphasized in a statement that the exposed customer data did not include financial info like bank or credit card information or Social Security numbers. “As soon as we recognized the exposure, we immediately began to re-secure the information,” the company said, adding that BroadSoft’s core information-technology and cloud unified communication infrastructures “were not exposed or compromised in this incident.”

Charter said it recommends that customers who have used the MyTWC app change their usernames and passwords. The cable company said it will directly contact customers if it discovers that their information was exposed.

Kromtech said it downloaded the contents of the publicly accessible BroadSoft data “for verification purposes,” noting that it’s unclear if the data was accessed by other unauthorized parties. The company discovered the misconfigured BroadSoft file repositories in AWS in the process of researching an Amazon S3 cloud-based data repository for WWE — containing 3 million customer emails — that was also publicly accessible on the internet.

Popular on Variety

More Digital

  • Blow the Man Down Amazon Studios

    How Amazon's 'Blow the Man Down' Filmmakers Captured an Intricate Mood

    Bridget Savage Cole and Danielle Krudy spent eight years working on the script for their feature film debut, Amazon’s “Blow the Man Down,” about a pair of sisters who go deep into the underbelly of their New England hometown to cover up a crime. But the filmmakers’ relationship dates back further than that — to [...]

  • Thanks a Million Quibi

    Jeffrey Katzenberg's Quibi Is Ready to Launch, but Will Viewers Bite?

    Quibi has spent more than $1 billion so far gearing up for what founder Jeffrey Katzenberg touts as a category-defining pay-TV service of the future, uniquely built for smartphones. It’s not clear when, or even whether, the startup will recoup that. In the months leading up to Quibi’s still-planned April 6 debut, industry insiders privately [...]

  • Comedians Live Streaming Self Quarantine

    How Comedians Are Adapting to Entertain Fans While Self-Isolating

    On March 11, comedian Jim Gaffigan was in Bogotá, Colombia, in the midst of his worldwide Pale Tourist tour when he received a call from his manager that Argentina was closing its borders in the wake of the coronavirus pandemic, and his upcoming show there was canceled. He had a choice: fly to São Paulo, Brazil, for [...]

  • Quibi

    Quibi Target of Injunction Request Seeking to Block Its Turnstyle Mobile Tech

    Five days before Quibi’s scheduled April 6 launch, the Jeffrey Katzenberg-founded mobile-video venture has been hit with another legal action — demanding that Quibi be forced to stop using technology it allegedly stole from an interactive-video company. The motion seeking a preliminary injunction against Quibi comes from New York-based Eko, which last month sued Quibi [...]

  • Netflix-Kids-Educational-Shows

    The 15 Best Netflix Educational Shows for Kids

    With schools closed due to the COVID-19 crisis, millions of children are stranded at home — and most parents working from home say they find it tough to manage the daily juggle. How to keep the kids occupied in a way that isn’t totally mindless? Here are 15 of the most popular shows available on [...]

  • Coronavirus Work From Home Placeholder

    Are Virtual Markets Working for Distributors and Buyers Navigating Coronavirus?

    When the film and TV industry emerges from self-isolation to a forever altered landscape, one silver lining will be the online savvy newly gained by traditionally digitally-shy businesses, some of whom have reacted with lightning speed to devise virtual showcases. A drive towards virtual events initially manifested in early March across disrupted festivals such as [...]

More From Our Brands

Access exclusive content