Customers of US multiplay provider Cox Communications have received letters from the business warning of a data breach that compromised their name, address, contact details and PIN code according to a story first reported by BleepingComputer. Per Cox’s letter to customers…
…an unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts.
The following information may have been compromised.
…name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and/or the types of services that you receive from Cox.
Very little is known about this breach, including the number of customers whose information was compromised. However, the breach represents another blow to customers who have lost confidence that their data will be securely protected.
Social engineering was ranked the top cybersecurity threat by respondents to the 2021 Risk & Assurance Group survey of revenue assurance, fraud management and cyber security professionals working for comms providers. Maintaining the privacy of personal data begins with comms providers doing a thorough job of authenticating every individual who gains access to their systems.
The BleepingComputer article about the Cox Communications data breach can be found here.