Security

So what's all this about 320k Time Warner Cable users being hacked?

More like phished, it seems

Watercooler Word is spreading that some 320,000 Time Warner Cable (TWC) customers have had their account information accessed by crooks.

America's second-largest cable provider says that the FBI tipped it off to a huge cache of customer login credentials that appears to have been gathered by criminals. TWC told us it is notifying those customers whose logins have been scooped.

Sound scary? Confusing? Let's go over this together and try to sort the whole thing out.

Okay. First things first. What did they get?

According to TWC, the leaked info includes customer email addresses and account passwords – the info you would use to log in to TWC's customer service portal. There's no indication that payment cards or other personal information was compromised, but it's still a good idea to keep an eye on your cable bill and bank statements for a while.

So, what does this mean for TWC customers?

If you have received a notice from Time Warner, you should definitely get a new password. Try to pick a strong one that will be tougher to brute force. If you use the same password for other services, you should obviously change those too, and this time use a different password than the one you picked for your TWC account. Make a habit of this. One of the first things cybercriminals do with plundered passwords is try them out with other sites in hopes of stealing even more accounts.

So if I don't get any notice from TWC, I don't need to do anything?

Even if you aren't one of the unfortunate 320,000, you should take this as incentive to update your password anyway. There's no indication yet that the stolen credential were the result of a breach on TWC's own systems, but as we've seen before, these sort of things can expand in scope as investigators dig deeper.

Wait, TWC didn't get breached?

That seems to be the early indication. We've heard that this wasn't a direct compromise of any TWC-owned database. That the issue was first spotted by the FBI and not TWC would back up the notion that this wasn't a direct hack of Time Warner.

So if they didn't hack TWC, how did they get all those credentials?

There could be a number of ways. The most likely culprit is a phishing attack targeting TWC customers (likely through a fake customer service site). There's also the possibility that the credentials were gathered through malware installations or by breaching a subcontractor who had access to some TWC customer info.

But 320,000 customers? That seems like a lot for just a phishing or malware breach.

Keep in mind by its own estimation, TWC has about 16 million customers. Casting a wide net over a long period of time could eventually add up to hundreds of thousands of accounts.

Whew, that sounds bad. Glad I've got Comcast :-)

Don't be so smug. Remember that around 200,000 Comcast customers just had their credentials leaked as well.

There are some best practices everyone should use to keep their account info safe. Picking strong passwords and changing them regularly is a good start. You should also be suspicious of any unsolicited emails claiming to be from a service provider, bank, and so on. Don't follow links in those unsolicited messages, and keep security software up to date. ®

Sponsored: 2016 Cyberthreat defense report