Spectrum data breach: what happened with Charter Communications and how to protect your account

There are several companies that use “Spectrum” in their business names, from global consumer products to health and wellness. This article focuses on Charter Communications, operating under the Spectrum brand, and what happened after its recent data breaches. The company serves over 32 million customers nationwide, which makes Spectrum a high-value target for cybercriminals. Charter Communications has faced several security breaches, including the most recent one in 2025, after an illegal Chinese-backed hacking campaign. 

While Spectrum is a dedicated provider of cable, internet, and telephone services, it dealt with legacy vendor errors in 2017 and a widespread data leak in 2023. Keep reading as we cover what happened at Charter Communications, what sensitive data was exposed, and some actionable ways to safeguard your personal data. 

Has Spectrum been hacked?

Yes, someone hacked the company in 2025, but the Spectrum data breach in 2023 had the greatest impact on the customers directly affected. Spectrum experienced several security breaches that seemed to target different system vulnerabilities, and fuel concerns around the safety of our nation’s essential services. Here’s a quick overview of the company’s issues.

• Time Warner Cable exposure – After Charter Communications merged with Time Warner Cable in 2017, Kromtech Security Center found a 600 GB cache of customer files while investigating an unrelated breach. A third-party vendor exposed approximately 4 million customer records, including their email addresses, device serial numbers, and other sensitive information. 
  
• A vendor breach – In 2023, a third-party vendor’s security was compromised, which exposed roughly 550,000 customer accounts. Charter Communications announced the discovery after finding customer data for sale on the dark web, but didn’t disclose the timing of the hack or the vendor responsible.
  
• Chinese espionage – Earlier this year, reports publicized evidence about Salt Typhoon’s cyberattack on Spectrum and other telecommunications companies. The Chinese-backed hacking group launched a coordinated attack against many telecommunications companies during its widespread cyber-espionage campaign. The attack targeted over 200 American companies, as hackers accessed call records of American politicians and other officials.

It’s important to understand that every Spectrum data breach increases your risk of identity theft, but this article focuses on the impact of the vendor breach in 2023. The security breach exposed approximately 550,000 customers to the dark web and many other online threats. Let’s cover how knowing the proper steps can protect your information from being exposed during a Spectrum data leak. 

Charter Communications (Spectrum) data breach 2023

What happened in the Spectrum data breach?

Spectrum confirmed that a security breach in early January 2023 affected one of its partners, after someone posted a stolen customer database on a hacking website. The Spectrum cyber attack targeted the supply chain, allowing threat actors to access customer data through a flaw in the contractor’s systems. These situations are challenging for major telecommunications companies because they tarnish their trusted image and uncover a vulnerability they can’t directly control. 

What customer information was exposed?

A flaw in the third-party contractor’s systems allowed threat actors access to sensitive customer information, including: 

• Names 
• Home addresses
• Account numbers

Reports claimed that bad actors had records containing company repair logs and sales metadata. Spectrum refuted those claims in a response to questions from The Record, stating that no Customer Proprietary Network Information (CPNI) or other financial data was accessed. The timing of the breach wasn’t ideal, as it came nearly two weeks after the FCC proposed new updates to its breach notification rules. 

FCC Chairwoman Jessica Rosenworcel noted the clear evidence that changes to the breach notification rules were long overdue, citing multiple security breaches surrounding Verizon, AT&T, and the recent T-Mobile data breach as the reason for this change.

Charter Communications’ response to the Spectrum data leak on the dark web

Charter Communications acknowledged the Spectrum cyber attack and began investigating the depth of the security breach. While hacker IntelBroker claimed responsibility for the 2023 Spectrum data breach, the company didn’t disclose the vendor name or the timing of the breach. Spectrum confirmed it was working with regulators and following all of the appropriate security policies to prevent future breaches. 

Unlike most companies, following a breach, Spectrum didn’t announce compensation or protection services for its affected customers. Similar leaks in the past, including the Comcast data breach, may cause considerable damage to individual privacy, financial security, and infrastructure. Such events convinced the FCC to modernize its regulations to govern today’s evolving cybersecurity environment, including:

• Expanding what private data means – The FCC changed the definition of CPNI to cover any information considered PII, such as names, government IDs, or email and password combinations.
  
• Defining what counts as a security breach – With the organization’s proposed updates, even indirect data leaks caused by system errors would qualify.
  
• Faster Customer Notifications – Companies must now alert customers without unreasonable delays after the FCC eliminated the 7-day waiting period. Telecoms have 7 days to alert the FCC and 30 days after a breach to inform those affected.

What the Spectrum data leak means for you

The industry is interconnected through the links between diverse technologies, which allow communication and access for users on different systems. Attacks on telecommunications companies threaten our infrastructure, economy, and national security. These companies store PII and service-related data, which are highly valuable to threat actors attempting identity theft and SIM-swap fraud. 

Identity theft and SIM-swap fraud

Sim-swap fraud attempts are common and allow threat actors to transfer your phone number to their device. With control of your phone number, they can gain access to your bank accounts, email, and social media by intercepting any text-based authentication codes. Many Reddit users have expressed concerns, reporting suspicious activity after the Spectrum cyber attack. 

Users shared their experiences about receiving confirmations for service changes they didn’t authorize, and disruptions to their phone service. Some Spectrum customers found unexpected services added to their accounts. Others lost access to their phone services after criminals deactivated the device and activated the customer’s number using a phone in their possession. 

One Reddit user stated, “They were able to use my number to complete identity verification on my financial accounts to gain access.”

Phishing and billing scams 

Criminals can even weaponize names and addresses to make their phishing attempts seem legitimate. With stolen customer data, threat actors can send convincing phishing emails and text messages pretending to be a representative from Spectrum. Often, these bad actors attempt to scam their targets with malicious login links, convince users to authorize fake charges, or promise them “upgrades” to their services. 

How the Spectrum cyber attack fuels other breaches

A concerning risk for Spectrum customers is how exposed information could be used as a stepping stone to access other critical accounts. Threat actors steal sensitive data, reset passwords, or bypass authentication elsewhere if they can match stolen data to an online account. One Reddit user described how, after their Spectrum account was compromised, cybercriminals were able to breach other accounts using the same credentials. 

This incident mirrors the tactics seen in the PayPal data breach, where criminals reused stolen login information to compromise payment accounts. Bad actors may also employ these methods in Amazon scams involving fraudulent purchases or creating fake listings. 

Using Telecom metadata as a surveillance target

Telecom data breaches also have larger implications for threat actors beyond scamming customers. A report from BleepingComputer confirmed that the Chinese-backed hacking group, Salt Typhoon, targeted major U.S. carriers to access Call Detail Records. While these records don’t include the conversations, they reveal who Americans speak to, when, how often, and sometimes where they are located. 

In a letter to Spectrum’s President and CEO, Christopher Winfrey, Iowa Senator Charles Grassley revealed that hackers accessed text messages, voicemails, phone calls, and wiretap information of individuals under investigation by law enforcement. Attackers also found and exploited unpatched network devices to invade and monitor activities throughout the nation’s infrastructure. His letter is a message: Telecom metadata is critical national security data that could be leveraged for damaging cyberattacks. 

Signs your Spectrum account may be compromised

If you’re a Spectrum customer, it’s up to you to recognize the warning signs of a compromised account. Spotting these red flags early can mean a faster recovery and avoiding identity theft: 

• Uninitiated password resets – These usually show up as emails or texts about resetting your password. Another sign of tampering could be receiving a security code you didn’t request. 
  
• Unusual login times or session activities – Notifications of a login on a device or reports of activity you don’t recognize could be threat actors trying to access your Spectrum account. 
  
• Unapproved account changes – Threat actors may change your email address, phone number, or billing information without your consent. 
  
• Service disruptions or missing 2FA codes – A criminal may have access to your account if you can’t use your phone number or aren’t receiving authentication texts anymore. 

What to do if you’re affected by a telecom data breach

No system is 100% protected from a data breach, but taking steps to limit the damage can help. If your information is exposed, here’s what you should do: 

Secure your Spectrum account

• Change your passwords as soon as possible. Always use strong and unique passwords and never reuse them. 
  
• Use two-factor authentication. Two-factor authentication settings add more protection by requiring users to enter a code each time they log in. 
  
• Regularly check your Spectrum account. Threat actors can change your account credentials at any time. Be ready by frequently monitoring your account to catch any updates to your info or forwarding rules. 

Protect your phone number

• Enable a number lock or port-out protection. If you subscribe to the Spectrum Mobile services, ask the carrier to add an account lock to prevent criminals from transferring your number without your consent. 
  
• Set up account alerts. Speak with a Spectrum representative and ask them to notify you of any SIM swaps or account changes. 

Monitor your finances 

• Freeze your credit file. Contact and ask all three credit bureaus to block anyone from opening new accounts in your name. 
  
• Review your credit reports often. Review your credit file for signs of unauthorized transactions or hard inquiries. 
  
• Enable banking notifications. Many institutions and credit card companies allow you to track unauthorized spending by setting up text or email notifications. 

Report issues and seek customer service support

• Get help from Spectrum customer support. If you notice any suspicious activity, report it to customer support. You can contact Spectrum at 833-949-0036, get support using Live Chat, or from the My Spectrum app.  
  
• File complaints with regulators. It may be necessary to file a complaint with the FTC at IdentityTheft.gov or on the FCC’s customer complaint portal. 
  
• Explore Spectrum’s online security resources. Visit Spectrum’s security center webpage to find resources and learn how to protect your privacy online.  
  
• Keep all documents and evidence. Spectrum customer support may need more information when investigating breaches. Keep a copy of any notices you receive, screenshots, or confirmation numbers when speaking to support representatives. 

How to safeguard yourself from future breaches 

You can’t control how companies protect your sensitive data, but you can proactively lower your risks after a Spectrum data breach: 

• Use password best practices. Use password managers like Bitwarden or Google Password Manager to generate and store unique passwords instead of reusing old ones. 
  
• Set up credit monitoring alerts. Many financial institutions offer services to track your credit file and will send alerts when suspicious activity is detected. These services help individuals act quickly when threat actors attempt to use their information for fraud. 
  
• Limit what you share online. Bad actors also target social media platforms and mobile apps. Be careful what you share online and while using social media. Audit your old accounts to limit what information criminals can find about you.
  
• Use a secondary email address. Consider creating separate email addresses for different online activities. If one is hacked, your other account isn’t automatically compromised as well. 
  
• Update your devices. Always check for new updates for your phone, router, or other connected devices. Developers include patches and update firmware in the latest software, as outdated systems are common entry points for cybercriminals.
  
• Remove your exposed information from the public web. Even with strong account security, your personal details can still be found on data broker and people-search platforms, where anyone can access them. Cybercriminals can combine these details with information exposed in data breaches, or even use information from brokers alone to impersonate you, launch social engineering scams, or commit financial fraud and identity theft. To reduce your exposure, you can manually request removal from these sites, or use Onerep to automatically locate and delete your data from 230+ people-search platforms and Google.

Try a free Onerep scan to spot your exposed information, or sign up for a 5-day free trial to experience how Onerep helps clean your online presence.

FAQs about Spectrum data breaches

Who owns Spectrum?

Charter Communications owns and operates under the name Spectrum as one of the largest telecommunications providers in the U.S.

Did Spectrum have a security breach?

Many are wondering, Has Spectrum been hacked recently? Yes, the most recent breach occurred in 2025 when Salt Typhoon launched a widespread campaign against other companies, including Verizon, AT&T, Lumen, and Windstream. 

Did Spectrum get hacked today?

No, there aren’t any reports confirming a new Spectrum hack today. Always check Spectrum’s website for official statements or trusted news outlets like CyberNews and BleepingComputer for updates. 

Spectrum email hacked: Am I at risk for fraud?

Yes, threat actors can access other online accounts or build a more complete digital profile of you from a data breach. Criminals can use names, addresses, and other account info for many different scams.

What should I do if I suspect fraud? 

First, secure your Spectrum account by changing your password. Then, contact Spectrum support to report the incident and get further advice. Monitor your other online accounts for suspicious activities. You can also report fraud to the FTC or file a complaint with the FCC.