The Information Highway

The Information Highway

Font size: +
2 minutes reading time (454 words)

Frontier Communications shuts down systems after cyberattack

American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack.

Frontier is a leading U.S. communications provider that provides gigabit Internet speeds over a fiber-optic network to millions of consumers and businesses across 25 states.

After discovering the incident, the company was forced to partially shut down some systems to prevent the threat actors from laterally moving through the network, which also led to some operational disruptions.

Despite this, Frontier says the attackers could access some PII data, although it didn't disclose if it belonged to customers, employees, or both.

"On April 14, 2024, Frontier Communications Parent, Inc. [..] detected that a third party had gained unauthorized access to portions of its information technology environment," the company revealed in a filing with the U.S. Securities and Exchange Commission on Thursday.

"Based on the Company's investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information." 

Frontier now believes that it has contained the breach, has since restored its core IT systems affected during the incident, and is working on restoring normal business operations. 

The company currently displays warnings on its website cautioning users that it's experiencing internal support technical issues and that "residential and business networks are not affected."

Frontier incident warning (BleepingComputer)

Frontier's mobile apps are also down, with the same warning message being displayed after launching the application.

According to an internal memo, a network outage took down Frontier's wholesale sites on Tuesday morning at around 7:30 AM ET, as well as the following applications and platforms:

  • Virtual Front Office (VFO) Local (LSR/ISP) Module
  • Virtual Front Office (VFO) Access (ASR) Module
  • Virtual Front Office (VFO) Trouble Administration (TA) Module
  • E-Bonded Applications - EDI, UOM, TML
  • Customer Wholesale Portal (CWP)
  • Wholesale Operations Website (https://wholesale.frontier.com)
  • Wholesale Billing Online tools (CTS, CABS Portal, COBRA)

Despite the company's assurances, many customers have been reporting that their Internet connection has been down since and that support phone numbers are playing prerecorded messages instead of redirecting to a human operator. 

"The Company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities," Frontier added in the SEC filing.

"The Company does not believe the incident is reasonably likely to materially impact the Company's financial condition or results of operations."

22,500 Palo Alto firewalls "possibly vulnerable" t...
Active exploit of Atlassian Confluence

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Thursday, 14 November 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023