Texas-based Frontier Communications, which provides local residential and business telecommunications services in 25 states, has shut down its operations following a cyber attack that resulted in the theft of personally identifiable information (PII).
The breach occurred four days ago, on April 14, when a breach was detected by an unauthorized third party who had gained access to “portions of its computing environment,” according to a filing of the incident with the U.S. Securities & Exchange Commission (SEC).
As part of its containment efforts, Frontier took “some of the company’s systems [offline, which] resulted in an operational disruption that could be considered material.” It reported that while its core IT environment is up and running, normal business operations have yet to resume; and as of this writing, the company’s website telecommunications was still offline.
Frontier did not disclose what PII the cyber attacker accessed or who was affected, nor the suspicious nature of the adversary. Telecom companies are a popular target for both financially motivated attackers and advanced persistent threats (APTs), given the rich data repositories they hold. For example, the Sandman APT was behind a prolific series of attacks last fall aimed at stealing call data records, mobile subscriber identity data and metadata from carrier networks.
“The company continues to investigate the incident, has engaged cybersecurity experts and notified law enforcement,” it said SEC filing. “The Company does not believe that the incident is reasonably likely to have a material impact on the Company’s financial condition or results of operations.”