Hacker Poses As Support Rep To Breach Cox Communications

Cox Communications, the third-largest cable provider in the U.S., has sent notifications to customers who were impacted by a recent data breach. According to the company, the hacker gained access to its systems by impersonating a support rep.

A copy of the notification shared by Bleeping Computer’s Lawrence Abrams reveals that Cox became aware of the attack on October 11.

This is the second incident related to a Cox company in the past six months. In June, Cox Media Group (CMG) suffered a ransomware attack that knocked TV and radio broadcasts offline.

The breach notification does not mention when the breach actually occurred, though it’s possible that information was not yet known at the time the notifications were sent out. Cox also notes that impacted accounts were secured, an investigation was launched and law enforcement officials notified on the day the attack was discovered.

Customers were notified that the attacker “may have viewed” private details of their accounts. That data potentially includes the customer’s Cox account number, access PIN, security questions and answers, list of active Cox services, Cox.net email address, name, address and telephone number.

It does not appear as though customer financial information was compromised, though Cox is still advising that those impacted carefully review their payment card statements for fraudulent transactions.

Cox customers who received a notification are also being a year of identity monitoring from Experian to “relieve concerns and restore confidence.”

The company is also advising that users change their passwords if they have re-used their Cox password with another…