Time Warner Cable (TWC) blamed a phishing attack conducted on one of its vendors for a data breach that may have resulted in 320,000 TWC customer emails and other personal information being stolen.
The cable giant was made aware of the problem by the Federal Bureau of Investigation (FBI), which told the company that customer emails and passwords may have been compromised, Eric Mangan, TWC director of public relations, told SCMagazine.com in an email Wednesday.
“Our understanding is that the compromise had nothing to do with TWC's systems or processes, and we have found no evidence of a breach in our systems that operate and secure email accounts for our customers,” Mangan said.
“That TWC's customer data was stolen from a third party is immaterial. If the pipes leak in your new house, you wouldn't accept the general contractor blaming the plumber. Companies are responsible for the protection of their sensitive data whether it's physically resident on their premises or elsewhere, a reality that enterprises should take very seriously as they evaluate partners, and, even more importantly, as they consider moving data to the cloud,” Jeff Hill, channel marketing manager for STEALTHbits Technologies, said to SC in an email Wednesday.
Paul Trulove, SailPoint's vice president of product management, told SC that companies should have in writing with their third-party vendors the right to validate the firm's specific controls related to protecting the parent company's data.
"Companies must take a proactive approach to validating vendor security practices before establishing a relationship with a third party. It's not enough to assume that an organisation is taking proper steps to protect confidential or sensitive data," Trulove said.
Unfortunately, this type of attack, where personally identifiable information is accessed illegally through a third party, is becoming more popular and is likely to increase.
"We are certainly seeing an escalation of interest within the underground community in account credentials of many types in a wide variety of industries. Brute-forcing of accounts, peripheral account access, and both financial and reputational impacts should be anticipated," said Andrew Komarov, president and CIO of InfoArmor.
TWC has not named the company that it said was hit with the phishing attack that led to the breach. TWC has sent out emails and snail mail to potentially affected customers and is recommending that these people change their passwords as a precaution.