Hacker Impersonates Agent to Breach Data from Cox Communications

Customers of US multiplay provider Cox Communications have received letters from the business warning of a data breach that compromised their name, address, contact details and PIN code according to a story first reported by BleepingComputer. Per Cox’s letter to customers…

…an unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts.

The following information may have been compromised.

…name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and/or the types of services that you receive from Cox.

Very little is known about this breach, including the number of customers whose information was compromised. However, the breach represents another blow to customers who have lost confidence that their data will be securely protected.

Social engineering was ranked the top cybersecurity threat by respondents to the 2021 Risk & Assurance Group survey of revenue assurance, fraud management and cyber security professionals working for comms providers. Maintaining the privacy of personal data begins with comms providers doing a thorough job of authenticating every individual who gains access to their systems.

The BleepingComputer article about the Cox Communications data breach can be found here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.