Slashdot Mirror

← Back to Stories (view on slashdot.org)

Time Warner Cable Warns 320,000 Customers of Possible Compromise (csoonline.com)

Posted by timothy on from the watch-your-email dept.

itwbennett writes: Time Warner Cable said on Wednesday that up to 320,000 customers have had their accounts compromised. 'We have not yet determined how the information was obtained, but there are no indications that TWC's systems were breached,' said Eric Mangan, public relations director for Time Warner Cable. 'The emails and passwords were likely previously stolen either through malware downloaded during phishing attacks or indirectly through data breaches of other companies that stored TWC customer information, including email addresses.' If this breach is like many others, expect that number of affected customers to grow, too.

22 of 35 comments (clear)

  1. Who did you sell to? by Opportunist · · Score: 4, Insightful

    So what "other companies" would have the email addresses of your customers? Who did you sell the information to?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re: Who did you sell to? by EthanV2 · · Score: 1

      I'm pretty sure they mean "other companies that have been breached, to which our customers were also registered". As in someone was registered with, for example, Adobe when they got breached, and they used the same email address and password for their TWC account.

    2. Re:Who did you sell to? by thoromyr · · Score: 2

      the summary may simply be poor, but most likely what is being referred to is password re-use.

      Say my email address is thoromyr@gmail.com and I'm a customer at Acme Corporation. Like many places, they use my email address as the username. I use the password "Pass1234" because it is strong (upper case, lower case and numbers) and easy to remember (those security guys said I needed to create a memorable password that met their "complexity requirements").

      Later on, I get an account at Atlassian and, surprise, they also use my email address as the username. Now, coming up with one memorable yet complex password is hard work so, like most people, I use it again. A few months later, Atlassian announces that their Jira system was compromised and usernames and passwords leaked.

      Acme Corporation hasn't had a compromise, but now someone with the information from the Atlassian compromise can login as me on their system.

      Even worse, if I'm like most people I used the same password at gmail, so they can login as me there and probably find every place I do business with and can try the logins there (and if for some reason the password does not work go through the password reset procedure).

      Password re-use is very common.

    3. Re:Who did you sell to? by bfpierce · · Score: 1

      Anything you sign into using your TWC account to access online.

      So any of the channels on Roku as one example, there are many many others.

    4. Re:Who did you sell to? by toonces33 · · Score: 1

      I get that it is common, but I personally use a password vault (both on PC and phone) so I can use different random passwords for every account.

      And the vault is secured with a YubiKey, so even if someone stole the database and somehow knew the password, they still wouldn't be able to get in.

    5. Re:Who did you sell to? by antdude · · Score: 1

      Probably ALL the other companies.

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    6. Re: Who did you sell to? by Zaowulf · · Score: 1

      AFAIK, TWC doesn't outsource their tech support. Source: Their Tier III desk is here in town and I interviewed for a position a couple years ago.

  2. They don't know how they were breached? by Big+Hairy+Ian · · Score: 2

    They probably just sent the wrong file out to be cold called

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

  3. Shhhhhhocking! by NominalLoss · · Score: 1

    Time Warner refuses to be beaten in worst customer service.

  4. WTF? by Alumoi · · Score: 4, Insightful

    'The emails and passwords were likely previously stolen either through malware downloaded during phishing attacks or indirectly through data breaches of other companies that stored TWC customer information, including email addresses.'

    WTF was the info doing there? Outside TWC? Oh, don't tell me, let me guess: advertising.

    1. Re:WTF? by Anonymous Coward · · Score: 1

      My money is on customer service/tech support/sales subcontractors. All telecom companies outsource a lot of that.

  5. serious consequences for home users by nimbius · · Score: 4, Interesting

    this is little more than an irritation for most slashdotters practicing password segregation, but for the average home user the consequences of this are pretty relevant. The target for the data exfiltration, time warner, services individuals who cant distinguish internet from facebook or google. The password they use for time warner is likely the same for their wireless router (provided and configured by time warner) as well as their banking institution, amazon, and countless other online services. Whats even more infuriating is how clandestine Time Warner is being about this breech. Nowhere on the front of site for their cable conglomerates web presence is a breech even hinted. when logging into bill pay, the site also conveniently omits the fact that time warner has released the personal credentials of a usergroup the size of a midwestern city.

    the real kicker? because this was reported by the federal government and not through time warners own due diligence, it raises more sincere questions about just how embeddded federal intelligence and law inforcement agencies are with internet service providers.

    --
    Good people go to bed earlier.
    1. Re:serious consequences for home users by grimshaw · · Score: 1

      I got one of these notices. My username segregation; password segregation; service segregation practices are solid.

      The account in question existed for probably 15 years (for junk mail handling). The username and password have never been used anywhere else. The account was used with minimal frequency (maybe once a year) and the systems it was used on were generally trusted systems... not a polluted web surfing environment. I mostly used it with cli fetchmail on a server.

      Occam's razor... a breach at TWC is simply the most likely scenario on how this largely unused junk mail account could have been exposed. In the final analysis, I expect to hear a password hash dump from one of their systems was the source.

  6. Re:Not our fault by w1zz4 · · Score: 1

    Happen all the time, you happen to see lists of compromised data on pastebin or like website with alot of your customer data but not only yours, which suggest phishings attacks.

  7. Re:Not our fault by vtcodger · · Score: 1

    Some other dude did it." The lawyers have spoken:

    In case you are curious, yes, there do seem to be folks out there keeping totals on acknowledged data breaches. e.g. http://www.idtheftcenter.org/i...

    2005 toÂNovember 30, 2015
    Number of breaches = 5,754
    Number of Records = 856,548,312

    --
    You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
  8. Password changed by PRMan · · Score: 2

    Unique TWC password changed. Thanks, LastPass!

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
  9. Very Related by ThatsNotPudding · · Score: 3, Interesting

    How often should we change all our unique passwords? Once a quarter? Monthly? In real-time, like changing phaser modulation when attacking the Borg?

    1. Re:Very Related by antdude · · Score: 1

      TWC = Borgs

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  10. Re:Not our fault by lhowaf · · Score: 1

    "Identity Theft Resource Center"? It's a cookbook!

  11. Re:Nothing Yet... by networkzombie · · Score: 1

    I'm a TWC customer and they do not have my email address. They never asked for it and I never gave it. They never offered me an opportunity to create a RoadRunner email, and I would decline anyway. I just get a bill every month. Rates go up every 3 months or so. Still waiting for DOCSIS 3.

  12. I got notice from TW...looked like Phishing email! by Anonymous Coward · · Score: 1

    I received the email from Time-Warner. Things they did wrong in their notice:
    1. Quote "Time Warner Cable was recently notified by the F.B.I. that some of our customers’ email addresses including account passwords may have been compromised." Phish alarm #1 set (allusion to FBI notification)!
    2. Embedded link to change password (Who embeds links in legitimate 'reset your password' notices?). Phish alarm #2 set and activated!

    No link to 'more information here', only toll free phone numbers. Also, I only use the email password for TW, nothing else, ever for over 15 years now. I do not duplicate my email password for them anywhere, only ever sign in via web email or home (Mac OS X "Mail" program, served up by...Time-Warner!).

    So if my password went out via anyone, it had to be Time-Warner, despite their claims otherwise.

  13. Re:warnings are for cows by MobSwatter · · Score: 1

    Moooo! Moooo! Moooo! And the herd runs.

    Not likely, cable services based on territory there is no where to run too unless they leave their homes. Best to prepare big pharma train for herpes epidemic.