The names, email addresses, phone numbers and other information that hackers purport relate to some 40,000 Cox Communications employees have turned up on a Dark Web marketplace.
“Selling 40k personal details of cox employs [sic],” reads the listing on The Real Deal Market.
After Vice’s Motherboard subsidiary obtained a sample of the data for verification. It found that the names seemed to match real employee names (according to LinkedIn data), and in some cases, publicly available web addresses. The outlet also sent the sample to the cable company, after which Cox was quick to respond—but stopped short of confirming that a breach had, in fact, happened.
“Cox Communications is aware of this matter and the business-related information to which it relates,” said Todd Smith, a Cox Communications spokesperson, said in a statement to media. “We’re taking this very seriously and have engaged a third-party forensic team to conduct a comprehensive investigation and are actively working with law enforcement. Cox’s commitment to privacy and data security is a top priority for the company.”
The sample also included some internal information that could be used for phishing, like the name of the employees’ managers, physical addresses for Cox’s offices where the employees work, and the last date of log-in.
This is not the first breach that the company has faced. Last November, Cox was fined $595,000 by the FCC for failing to report a data breach involving customer data the previous year. In that case, teenage hacking gang Lizard Squad tricked a customer service employee into giving away personal information on about 60 customers.
“While the company has moved more swiftly to address the current situation than it did in 2014, clearly Cox has more work to do with its privacy and data security protocols,” said Adam Levin, chairman and founder of IDT911. “If you are an impacted employee, and it appears that any of your credit or financial accounts have been tampered with, close the accounts immediately to prevent thieves from accessing any more information.”
Regarding the phishing threat, he added, “Do not click on any links in emails you receive or provide any personal information to someone who contacts you either online or by phone because it could be a phishing, spearphishing or vishing attack. Also, check to see if any financial services firm or insurance company with which you have a relationship offers a program to help you navigate this process.”