A hacker posing as customer service led to a data breach at Cox

Cable and telecommunications provider Cox Communications has disclosed a data breach after a hacker gained access to its customers’ personal information by posing as a support agent.

The company’s customers recently began receiving letters in the mail informing them that one or more unknown individuals had posed as a Cox support agent in order to gain access to customer information.

Although few details on the extent of the data breach have been released at this time, the hacker likely used social engineering as a means of gaining access to Cox’s internal systems.

Once the company learned that a hacker had impersonated one of its support employees, it immediately launched an internal investigation into the matter and notified law enforcement of the incident. incident.

Customer account information

In the data breach notification letter sent to customers, Amber Hall, Chief Compliance and Privacy Officer of Cox Communications, explained that certain information in customers’ accounts may have been accessed by the hacker, saying:

“Upon further investigation, we discover that the unknown person(s) may have viewed certain types of information stored in your Cox customer account, including your name, address, telephone number, Cox account number, address Cox.net email address, your username, PIN, account security question and answer, and/or the types of services you receive from Cox.”

Although Cox did not reveal whether financial information or passwords were accessed, he advises customers to monitor their financial accounts. In order to prevent any possible identity theft as a result of the breach, the company is also offering a free one-year subscription to Experian IdentityWorks to all affected customers.

We will likely hear more details regarding the data breach once Cox and law enforcement complete their respective investigations, but in the meantime, Cox customers should change the password and security questions/answers to their accounts, check for any phishing emails claiming to be from the company, and enable two-factor authentication (2FA) for their accounts.

We also presented the best password manager, better protection against identity theft and best antivirus

Via BleepingComputer

Joseph P. Harris