UPDATED 19:10 EDT / DECEMBER 09 2021

SECURITY

Cable TV provider Cox Communications hit by data breach

Cable television provider Cox Communications Inc. has been hit by a data breach after a hacker impersonated a support agent to gain access to customer information.

After the breach, first reported today by Bleeping Computer, customers started receiving letters from the company this week that warned them of it. The letter stated that on Oct.11, “unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts.”

The company said it had taken steps to secure the affected customer accounts and had notified law enforcement of the incident. Further investigation discovered that the hacker may have viewed certain types of customer information. The information included name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and information on other types of services that a customer receives from Cox.

Affected customers were urged to review their financial account statements for fraudulent activity. Cox is also offering one year of free Experian credit monitoring services “to help relieve concerns and restore confidence following this incident.”

The exact details of how the hacker successfully impersonated a support agent were not disclosed, but it’s likely that social engineering was involved.

“This serves as a reminder that data breaches can happen in many ways and often are the result of human error,” Matt Sanders, director of security at security information and event management firm LogRhythm Inc., told SiliconANGLE. “Social engineering tactics like impersonating trusted colleagues or partners have proven highly successful time and again.”

Sanders added that now that the hackers are armed with a high volume of personally identifiable information, Cox customers are at risk of additional phishing emails and other forms of fraud. “Customers should ensure they are using security best practices such as updating their passwords and leveraging two-factor authentication to protect their accounts,” he said.

Paul Laudanski, head of threat intelligence at enterprise email security company Tessian Ltd., noted that the breach is a stark reminder of the dangers of reused passwords and security questions and answers on other systems.

“Security questions and answers that authenticate internal customer support accounts should be held to a higher security standard than what the agents normally engage in,” Laudanski explained. “Passwords and security questions and answers should never be visible and they should require a higher level of security to prevent account takeover.”

Photo: Cox Communications

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU