Time Warner Cable: 320,000 customer passwords possibly stolen

The cable giant wants customers, especially those with rr.com email addresses, to reset their passwords.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
2 min read

Time Warner Cable says it doesn't know yet how customer data was compromised.

TWC/YouTube screenshot by CNET

Time Warner Cable is telling customers to change their passwords.

The cable giant acknowledged Wednesday that email addresses and passwords of up to 320,000 customers may have been stolen. The company said it doesn't know yet how data was compromised but speculated it was either attacks against other companies that store TWC subscriber information or malware downloaded in phishing attacks on customers.

Cyberattacks against businesses are nothing new but have ramped up in recent years as hackers find new ways to exploit security holes. Hackers often sell stolen customer data on the black market and force companies to acknowledge shoddy data-protection practices. Phishing attacks, by contrast, rely on trust to trick people into clicking on links or downloading files in emails that appear legitimate but are actually gateways to malicious software.

Although TWC said it hasn't pinned down the cause of the incident, the company said it has found no evidence that its own systems were breached. The company said the FBI informed it of the data theft. TWC added that it is notifying customers via email and direct mail to change their passwords.

"We're contacting customers who could potentially be affected so they can take precautions, including changing their password to a strong, unique alternative," a TWC spokesman said. "Additionally, through our website we provide several tips for how to navigate the Web more carefully and how to avoid phishing schemes."

The theft centers on customers of Time Warner's Roadrunner service, so those with an email address ending in rr.com in particular should change their passwords, according to NBC News. Roadrunner subscribers can change their passwords on the Roadrunner Password Reset Tool page.

The FBI's information was part of a larger disclosure that included other Internet providers, NBC News said. No details on other providers were released.

In November, cable provider Comcast reset passwords for almost 200,000 customers after they were discovered on the black market. That incident was blamed in part on phishing attacks that tricked Comcast customers into giving out their passwords.

(Via Reuters)