Frontier Data Breach 'Contained,' Cybercrime Suspected

A cybercriminal group likely has stolen customer information from Frontier Communications in a recent attack, adding to a growing list of telecommunications providers who have suffered breaches.

The Frontier data breach came to the Dallas-based carrier's attention April 14, according to an SEC filing the company published Thursday. Frontier said an unauthorized third-party accessed parts of its IT system.

Frontier shut down part of its IT environment, which caused what the company called a "material" operational disruption. And the breach appeared to stem from a bad actor.

"Based on the company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information," the company wrote in the brief filing.

Impact of Frontier Data Breach

The SEC filing continues to say Frontier "believes it has contained the incident." The company as of April 18 was working on restoring its business operations, but it had "restored its core information technology environment."

Light Reading reported that that last week Frontier's internal support systems experienced technical issues. The carrier noted at the time that its residential and business networks didn't not suffer any disruption.

"The company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities," the filing said. "The company does not believe the incident is reasonably likely to materially impact the company’s financial condition or results of operations."

Frontier did not immediately respond to inquiries from Channel Futures. Its business and wholesale revenue decreased a little more than 1% year over year, to $634 million last quarter.

Telecom Industry Reckons with Data Breaches

The Record astutely notes that the FCC in December broadened its definition of a data breach. The Commission noted in its report that breaches have proliferated and intensified since it implemented a breach reporting rule 16 years ago.

T-Mobile last summer saw the breach of 37 million customers' information, and earlier this month AT&T said 73 million past and present customers' accounts were found on the dark web.

The FCC's December update expanded the definition to include inadvertent disclosure of personally identifiable information. Then in the same action, the FCC decided that carriers and telecommunications relay service (TRS) providers are no longer required to notify customers if they "can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach." But in the event that they do need to notify customers, the FCC has dropped its mandatory waiting period.