×
You will be redirected back to your article in seconds

Database Error Leaks 4 Million Time Warner Cable Customer Records Online

A configuration error by one of Time Warner Cable’s vendors left a database containing more than 4 million records with info about the cable operator’s customers publicly available on the internet, according to a security software firm.

BroadSoft, a communication software and service provider used by Time Warner Cable, left more than 600 gigabytes of private files publicly accessible online in two separate Amazon Web Services repositories, Kromtech Alliance’s security research team said Friday in a blog post. The BroadSoft data was improperly configured to allow public access in AWS, according to Kromtech.

Most of exposed data appeared related to Time Warner Cable, Bright House Networks and AMC Networks, according to Kromtech. One of the files contained more than 4 million records including usernames, account numbers, transaction IDs and other info spanning Nov. 26, 2010, to July 7, 2017. Other databases Kromtech was able to access in BroadSoft’s AWS repositories had billing addresses, phone numbers and other information for hundreds of thousands of Time Warner Cable customers.

Time Warner Cable and Bright House were both acquired last year by Charter Communications, which is the second-biggest U.S. cable company after Comcast.

In a statement, Charter said the exposed customer info was removed as soon as it was discovered, and said “there is no indication that any Charter systems were impacted.”

“A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources,” Charter said in a statement. “Upon discovery, the information was removed immediately by the vendor, and we are currently investigating this incident with them.”

BroadSoft emphasized in a statement that the exposed customer data did not include financial info like bank or credit card information or Social Security numbers. “As soon as we recognized the exposure, we immediately began to re-secure the information,” the company said, adding that BroadSoft’s core information-technology and cloud unified communication infrastructures “were not exposed or compromised in this incident.”

Charter said it recommends that customers who have used the MyTWC app change their usernames and passwords. The cable company said it will directly contact customers if it discovers that their information was exposed.

Kromtech said it downloaded the contents of the publicly accessible BroadSoft data “for verification purposes,” noting that it’s unclear if the data was accessed by other unauthorized parties. The company discovered the misconfigured BroadSoft file repositories in AWS in the process of researching an Amazon S3 cloud-based data repository for WWE — containing 3 million customer emails — that was also publicly accessible on the internet.

More Digital

  • Google Stadia is a Net Neutrality

    Google Stadia is a Net Neutrality Nightmare

    At the Game Developers Conference (GDC) this year, Google announced that it has taken up the long and ever-lengthening dream of the video game streaming service. Meant to replace the hefty, pricey, altogether confounding experience of buying and using various gaming hardware, Google Stadia will run video games on Google’s own hardware in a server [...]

  • crunchyroll logo

    Crunchyroll Raises Subscription Price to $7.99

    AT&T-owned anime subscription video service Crunchyroll is raising its monthly subscription price from $6.95 to $7.99 a month, it announced in an email to members Friday. It’s the service’s first price increase ever, according to a spokesperson. The new pricing will go into effect on May 1 for new subscribers, while existing members will see [...]

  • StyleHaul

    StyleHaul Shuts Down U.S. Operations, Lays Off About 65 Employees

    The axe is falling on StyleHaul: The fashion, beauty and lifestyle digital media and marketing company owned by RTL Group is shuttering U.S. operations, resulting the layoff of around 65 employees. StyleHaul offices in L.A., with about 55 employees, and in New York City, with around 10 staffers, are closing. RTL said StyleHaul’s U.K. operations, [...]

  • Bandsintown Platform Acquires Hypebot, MusicThinkTank

    Bandsintown Platform Acquires Hypebot, MusicThinkTank

    Bandsintown, a leading platform for letting music fans know about upcoming concerts by their favorite artists, has acquired Hypebot, a news site publishing stories about the music industry and technology, and its sister site MusicThinkTank. “I’m proud to share that Hypebot and MusicThinkTank have been acquired by Bandsintown,” wrote Bruce Houghton, the founder of the [...]

  • Vertigo Games Believes ‘Location-Based Virtual Reality’

    Vertigo Games Believes ‘Location-Based Virtual Reality’ Is Future of VR

    As virtual reality becomes more and more available, many developers are looking for new frontiers to expand the experiences offered by the tech. For Netherlands-based Vertigo Games, that next frontier is what they call “location-based virtual reality.” It’s essentially high-quality VR experiences where players aren’t tethered to a PC or even to the confines of [...]

  • GDC 2019: Google's Play For Gaming

    GDC 2019: Google's Play for Gaming Ubiquity, Rise of Ray Tracing, Store Wars

    The Game Developers Conference finished up Friday evening, wrapping one of the most exciting GDCs in recent memory with Google’s splashy entrance into AAA video gaming, the emergence of real-time ray tracing as a compelling technology for film, TV, and games, and the growing war between two global estore powerhouses: Valve’s Steam and the Epic [...]

More From Our Brands

Access exclusive content