×

Database Error Leaks 4 Million Time Warner Cable Customer Records Online

A configuration error by one of Time Warner Cable’s vendors left a database containing more than 4 million records with info about the cable operator’s customers publicly available on the internet, according to a security software firm.

BroadSoft, a communication software and service provider used by Time Warner Cable, left more than 600 gigabytes of private files publicly accessible online in two separate Amazon Web Services repositories, Kromtech Alliance’s security research team said Friday in a blog post. The BroadSoft data was improperly configured to allow public access in AWS, according to Kromtech.

Most of exposed data appeared related to Time Warner Cable, Bright House Networks and AMC Networks, according to Kromtech. One of the files contained more than 4 million records including usernames, account numbers, transaction IDs and other info spanning Nov. 26, 2010, to July 7, 2017. Other databases Kromtech was able to access in BroadSoft’s AWS repositories had billing addresses, phone numbers and other information for hundreds of thousands of Time Warner Cable customers.

Time Warner Cable and Bright House were both acquired last year by Charter Communications, which is the second-biggest U.S. cable company after Comcast.

In a statement, Charter said the exposed customer info was removed as soon as it was discovered, and said “there is no indication that any Charter systems were impacted.”

“A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources,” Charter said in a statement. “Upon discovery, the information was removed immediately by the vendor, and we are currently investigating this incident with them.”

BroadSoft emphasized in a statement that the exposed customer data did not include financial info like bank or credit card information or Social Security numbers. “As soon as we recognized the exposure, we immediately began to re-secure the information,” the company said, adding that BroadSoft’s core information-technology and cloud unified communication infrastructures “were not exposed or compromised in this incident.”

Charter said it recommends that customers who have used the MyTWC app change their usernames and passwords. The cable company said it will directly contact customers if it discovers that their information was exposed.

Kromtech said it downloaded the contents of the publicly accessible BroadSoft data “for verification purposes,” noting that it’s unclear if the data was accessed by other unauthorized parties. The company discovered the misconfigured BroadSoft file repositories in AWS in the process of researching an Amazon S3 cloud-based data repository for WWE — containing 3 million customer emails — that was also publicly accessible on the internet.

More Digital

  • AMC’s Streamer Acorn TV Hires Kerensa

    AMC-Owned Streamer Acorn TV Hires Former Filmstruck Exec as International Boss

    Former Filmstruck International general manager Kerensa Samanidis has been appointed Acorn TV’s first international chief. As general manager, international, she will spearhead the growth of the AMC Networks-owned streamer outside of North America and Latin America. Last year, Acorn TV expanded into Australia, and New Zealand, Argentina, Mexico, Spain, and Scandinavia. In the newly-created international [...]

  • apple AR patent application

    Apple Patents Gesture, Expression Tracking for Mixed Reality Headset

    Apple’s upcoming mixed reality headset could include a number of sensors to track the eyes, gestures and even facial expressions of its users. The company applied for a patent to track these kinds of inputs, and combine them with information gathered from outward-facing sensors for mixed reality experiences. The patent application in question, simply titled [...]

  • Natalie Portman Thor Comic Con

    Comic-Con: Marvel 'Shock and Awe' Strategy Dominates Twitter Buzz

    Disney’s Marvel Studios handily won the hype trophy from this year’s Comic-Con International San Diego. Marvel Studios — which returned to the 2019 Comic-Con stage with a chock-full Phase 4 slate of announcements — dominated the discussion on Twitter out of the convention, capturing the biggest volume of buzz for nine of the top 10 [...]

  • Nigeria’s Kunle Afolayan: African Audiences Shouldn’t

    Nigeria’s Kunle Afolayan: African Audiences Shouldn’t Be ‘Second-Class’

    DURBAN–A young boy from a middle-class home gets an unconventional schooling in the ways of the world when he’s forced to apprentice at a mechanic’s workshop in a rough-and-tumble section of Lagos. “Mokalik” is the latest feature from Kunle Afolayan, a leading figure in the wave of filmmakers revitalizing the Nigerian film industry. The film [...]

  • SAG-AFTRA HQ

    SAG-AFTRA Ends Long Strike Against Ad Agency Bartle Bogle Hegarty

    SAG-AFTRA has ended its 10-month strike against Bartle Bogle Hegarty after the advertising agency agreed to sign the union’s new commercials contract. The union instructed its 160,000 members in September not to accept any work for BBH, which had been signed to SAG-AFTRA’s commercials contracts since 1999. The strike came two weeks after BBH publicly [...]

  • FaceApp is displayed on an iPhone,

    SAG-AFTRA Warns Members About FaceApp Terms of Use

    SAG-AFTRA is warning its 160,000 members about the “overreaching and invasive” terms of use for the FaceApp mobile application. FaceApp, developed by Russian company Wireless Lab, uses neural network technology to automatically generate transformations of faces in photographs. The app can be used to make users appear older, younger, or change gender. The terms include [...]

More From Our Brands

Access exclusive content