Frontier fallout as 750K customers’ data exposed in RansomHub cyberattack


U.S. telecommunications company Frontier has experienced a serious data security breach that compromised the personal information of a significant number of its customers. The company confirmed that a security incident resulted in the unauthorized disclosure of full names and Social Security numbers belonging to more than 750,000 individuals. Frontier is currently notifying affected customers and has reported the incident to the appropriate regulatory authorities.


Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

Field engineer investigating data breach (Kurt “CyberGuy” Knutsson)

What happened in the Frontier data breach?

Frontier Communications is warning 750,000 customers that their information was exposed in a data breach. “On April 14, 2024, we detected unauthorized access to some of our internal IT systems. Our investigation identified your personal information among the data affected by this incident,” the telco wrote in a notification sent to affected customers.

The sample of the notice submitted to the Office of the Maine Attorney General has censored the types of data exposed in this incident. However, full names and Social Security numbers were confirmed as breached for 751,895 customers, according to a Bleeping Computer report. Frontier assures that no customer financial information was exposed due to this breach.

Frontier believes it contained the data breach shortly after the attack and restored normal business operations. However, the security incident forced the company to partially shut down some systems to prevent the threat actors from laterally moving through the network, which also led to some operational disruptions.

Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

A woman working on her laptop (Kurt “CyberGuy” Knutsson)


Who’s behind the Frontier data breach?

Frontier hasn’t disclosed the exact cause of the data breach, but it confirmed a cybercrime group was behind it. “Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information,” the telco wrote in a filing with the Securities and Exchange Commission.

Frontier hasn’t officially named the cybercrime group responsible for the attack. However, it’s worth noting that the RansomHub extortion group claimed responsibility for the attack this month, June 4, raising suspicion about the timing of Frontier’s data breach notification.

RansomHub says they hacked Frontier and stole data on 2 million customers. This data reportedly includes personal info like names, addresses, birthdays, Social Security numbers, email addresses and even details about your Frontier service. RansomHub put Frontier’s name on their dark web extortion site and gave the company a deadline to meet their ransom demands. If Frontier doesn’t respond to their demands, RansomHub says they’ll sell the stolen data to the highest bidder.


What is Frontier doing about the data breach?

Frontier says it responded swiftly to the cyberattack. It brought in leading cybersecurity experts to investigate and contain the breach while also fortifying its network defenses to prevent future intrusions. Law enforcement and regulators were notified.

The telecom giant is providing affected customers with free credit monitoring and identity theft resolution for one year. While Frontier mentions a deadline to enroll, it hasn’t specified the date. Act promptly to ensure you’re covered.

We reached out to Frontier for a comment but had not heard back by our deadline.

Frontier fallout as 750K customers' data exposed in RansomHub cyberattack

Illustration of a person investigating data breach (Kurt “CyberGuy” Knutsson)


6 measures to take to protect yourself from a data breach

If you suspect you’ve been affected by this data breach, follow these steps to protect your personal data and privacy.

1) Invest in identity theft protection: If you think your personal data has been leaked, scammers may try to impersonate you to gain access to your private information. The best thing you can do to protect yourself from this type of fraud is to subscribe to an identity theft service. If you’re eligible, take the free Kroll subscription Frontier is offering.

Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.

2) Place a fraud alert: Contact one of the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification.

3) Be cautious of phishing attempts: Be vigilant about emails, phone calls or messages from unknown sources asking for personal information. Avoid clicking on suspicious links or providing sensitive details unless you can verify the legitimacy of the request.

The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

4) Check Social Security benefits: It is crucial to periodically check your Social Security benefits to ensure they have not been tampered with or altered in any way, safeguarding your financial security and preventing potential fraud.

5) Invest in personal data removal services: While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Remove your personal data from the internet with my top picks here.

6) Change your password: You can render a stolen password useless to thieves simply by changing it. Opt for a strong password, one that you don’t use elsewhere. Even better, consider letting a password manager generate one for you.


Kurt’s key takeaway

Frontier says it is fortifying its systems to prevent the incident from happening again. While I appreciate the company’s steps to make things right, this incident shouldn’t have occurred in the first place, especially if customers are entrusting it with sensitive information. Frequent data breaches suggest a worrying gap in cybersecurity preparedness among large tech companies. You, as customers, must stay aware when sharing sensitive information and avoid any phishing attempts from scammers.

How important is online privacy to you? Have recent data breaches impacted your online behavior? Let us know by writing us at

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

Copyright 2024 All rights reserved.

Source link