Earlier this week, American telecommunications company Time Warner Cable (TWC) revealed that up to 320,000 of its customers may have had their email addresses and passwords stolen.
The company has since notified the customers affected and warned them to change their passwords.
According to TWC, there is no indication that its own systems have been breached so the company believes that the information was probably accessed through malware or phishing attacks, or through breaches of external comapanies that store data on TWC customers.
“We’re contacting customers who could potentially be affected so they can take precautions, including changing their password to a strong, unique alternative,” a TWC spokesman said. “Additionally, through our website we provide several tips for how to navigate the Web more carefully and how to avoid phishing schemes.”
Kevin Cunningham, president and founder of SailPoint commented: “Security breaches and data theft, like what happened with Time Warner Cable, can be frustrating for consumers when they’re asked to reset passwords, but they’ve become so common that the company may not lose too many customers. But this breach could have far reaching implications for unrelated organisations.
"Many people use the same password across a myriad of personal and professional applications, and hackers recognise that. So now, seemingly unrelated corporate accounts may be at risk. This is where identity management solutions can really help, because they can automatically force password resets across their employee base as a precaution."
UPDATE: Mark Stollery, Managing Consultant in Enterprise & Cyber Security, UK & Ireland at Fujitsu commented: "Hacks are a fact of life nowadays, and not just for careless or negligent organisations. Attackers always have the initiative, and even the best-run company could suffer from a hack or data theft. Because of this, it’s vital organisations take a proactive approach focusing on the integration of threat intelligence and other information sources to provide the context necessary to deal with today’s advanced cyber threats. There must also be a clear and well-rehearsed crisis management plan for a breach, addressing internal and external communication. The immediate aftermath of a breach is not the time to work out who should say what to whom, and getting it wrong can seriously damage your corporate reputation and share price.
"According to research from Fujitsu, only 9 per cent of UK consumers believe organisations are doing enough to protect their data, so the response of companies like Time Warner Cable to an attack will have a serious impact on the future of the business.”
Image source: Shutterstock/wk1003mike