Fiber broadband giant investigates breach affecting 1M users

Brightspeed, 1 of the largest fibre broadband providers successful the United States, is investigating claims that hackers stole delicate information tied to much than 1 cardinal customers.

The allegations surfaced erstwhile a radical calling itself the Crimson Collective posted messages connected Telegram informing Brightspeed employees to cheque their email. The radical claims it has entree to implicit 1 cardinal residential lawsuit records and threatened to merchandise illustration information if the institution does not respond.

At this point, Brightspeed has not confirmed a breach. However, the institution says it is actively investigating what it calls a imaginable cybersecurity event.

DATA BREACH EXPOSES 400,000 BANK CUSTOMERS’ INFO

Fiber networks transportation monolithic amounts of idiosyncratic data, which makes net providers charismatic targets for extortion groups. (Philip Dulian/picture confederation via Getty Images)

Sign up for my FREE CyberGuy ReportGet my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide — escaped erstwhile you articulation my CYBERGUY.COM newsletter 

What the hackers accidental they stole

According to Crimson Collective, the stolen information includes a wide scope of personally identifiable information. The radical claims it has entree to:

• Customer names, email addresses and telephone numbers
• Home and billing addresses
• User relationship details linked to league oregon idiosyncratic IDs
• Payment past and partial outgo paper information
• Appointment and bid records tied to lawsuit accounts

If accurate, that operation of information could make superior individuality theft and fraud risks for affected customers.

Brightspeed responds to the allegations

Brightspeed says it takes the concern seriously, adjacent arsenic it continues to verify the claims.

In a connection shared with BleepingComputer, the institution said it is rigorously monitoring threats and moving to recognize what happened. Brightspeed added that it volition support customers, employees and authorities informed arsenic much details go available.

So far, determination has been nary nationalist announcement connected Brightspeed's website oregon societal media channels confirming lawsuit information exposure.

Who Brightspeed is and wherefore this matters

Brightspeed is simply a U.S. telecommunications and net work supplier founded successful 2022 aft Apollo Global Management acquired section speech assets from Lumen Technologies.

Headquartered successful Charlotte, North Carolina, the institution serves agrarian and suburban communities crossed 20 states. It has rapidly expanded its fibre footprint, passing much than 2 cardinal homes and businesses and aiming to scope implicit 5 cardinal locations.

Because Brightspeed focuses connected underserved areas, galore customers trust connected it arsenic their superior net provider. That makes immoderate imaginable breach particularly concerning.

A person look astatine Crimson Collective

Crimson Collective is not caller to high-profile targets. In October, the radical breached a GitLab lawsuit tied to Red Hat, stealing hundreds of gigabytes of interior improvement data.

That incidental aboriginal rippled outward. In December, Nissan confirmed that idiosyncratic information for astir 21,000 Japanese customers was exposed done the aforesaid breach.

More recently, researchers accidental Crimson Collective has targeted unreality environments, including Amazon Web Services, by abusing exposed credentials and creating rogue entree accounts to escalate privileges.

In different words, the radical has a way grounds that makes its claims hard to ignore.

What this could mean for customers

Even though Brightspeed has not confirmed a breach, the claims unsocial are capable to rise reddish flags. If lawsuit information was accessed, it could beryllium utilized for phishing scams, relationship takeovers oregon outgo fraud.

Cybercriminals often determination accelerated aft breaches. That means customers should enactment alert adjacent earlier an authoritative announcement appears.

CyberGuy reached retired to Brightspeed for comment, and a spokesperson told us,

"We instrumentality the information of our networks and extortion of our customers’ and employees’ accusation earnestly and are rigorous successful securing our networks and monitoring threats. We are presently investigating reports of a cybersecurity event. As we larn more, we volition support our customers, employees, stakeholders and authorities informed."

JANUARY SCAMS SURGE: WHY FRAUD SPIKES AT THE START OF THE YEAR

How to support your idiosyncratic information and online accounts

Even if this Brightspeed probe does not extremity up impacting your account, these steps are worthy following. Most information breaches pb to the aforesaid downstream risks, similar phishing scams, relationship takeovers and individuality theft. Building these habits present tin assistance support you crossed each your online accounts.

Cybercriminals often usage nationalist posts and countdowns to unit companies into responding quickly. (Sebastian Kahnert/picture confederation via Getty Images)

1) Watch for phishing attempts

Scammers often instrumentality vantage of breach headlines to make panic. Be cautious with emails, calls oregon texts that notation your net relationship billing problems oregon work changes. If a connection pushes urgency oregon pressure, intermission earlier responding.

2) Avoid suspicious links and attachments

Do not click links oregon unfastened attachments tied to relationship notices oregon outgo issues. Instead, unfastened a caller browser model and spell straight to the company's authoritative website oregon app. Strong antivirus bundle adds different furniture of extortion against malicious downloads.

The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe.

Get my picks for the champion 2026 antivirus extortion winners for your Windows, Mac, Android & iOS devices astatine Cyberguy.com

3) Update your relationship passwords

Change your Brightspeed relationship password and reappraisal passwords connected different important accounts. Use strong, unsocial passwords that you bash not reuse elsewhere. A trusted password manager tin make and store analyzable passwords, which makes relationship takeovers overmuch harder.

Next, spot if your email has been exposed successful past breaches. Our #1 password manager (see Cyberguy.com/Passwords) prime includes a built-in breach scanner that checks whether your email code oregon passwords person appeared successful known leaks. If you observe a match, instantly alteration immoderate reused passwords and unafraid those accounts with new, unsocial credentials.

Check retired the champion expert-reviewed password managers of 2026 astatine Cyberguy.com

4) Reduce your information footprint

Personal information spreads softly crossed information broker sites. Using a information removal work tin assistance bounds however overmuch of your accusation is publically available. Less exposed information means less opportunities for scammers to people you.

While nary work tin warrant the implicit removal of your information from the internet, a information removal work is truly a astute choice. They aren't cheap, and neither is your privacy. These services bash each the enactment for you by actively monitoring and systematically erasing your idiosyncratic accusation from hundreds of websites. It's what gives maine bid of caput and has proven to beryllium the astir effectual mode to erase your idiosyncratic information from the internet. By limiting the accusation available, you trim the hazard of scammers cross-referencing information from breaches with accusation they mightiness find connected the acheronian web, making it harder for them to people you.

Check retired my apical picks for information removal services and get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web by visiting Cyberguy.com

Get a escaped scan to find retired if your idiosyncratic accusation is already retired connected the web: Cyberguy.com

5) Turn connected relationship alerts

Brightspeed lets customers crook connected relationship and billing alerts done the My Brightspeed tract oregon app. You tin take which notifications you person by email oregon text. Alerts tin assistance you drawback antithetic enactment aboriginal and respond earlier much harm occurs.

6) Monitor your fiscal accounts closely

Check slope and recognition paper statements often. Look for tiny oregon unfamiliar charges since criminals sometimes trial stolen information with low-dollar transactions earlier attempting larger fraud.

7) Consider fraud alerts oregon a recognition freeze

If delicate accusation whitethorn person been exposed, placing a fraud alert oregon recognition frost tin adhd protection. These steps marque it harder for criminals to unfastened caller accounts successful your name. To larn much astir however to bash this, spell to Cyberguy.com and hunt "How to frost your credit." 

You whitethorn besides privation to see an individuality theft extortion work that monitors for suspicious enactment and sends alerts. Identity Theft companies tin show idiosyncratic accusation similar your Social Security fig (SSN), telephone number, and email address, and alert you if it is being sold connected the acheronian web oregon being utilized to unfastened an account. They tin besides assistance you successful freezing your slope and recognition paper accounts to forestall further unauthorized usage by criminals.

See my tips and champion picks connected however to support yourself from individuality theft astatine Cyberguy.com

When idiosyncratic and billing accusation is exposed, the hazard extends beyond 1 institution to mundane customers. (Pixelfit/Getty Images)

Kurt's cardinal takeaways

Brightspeed's probe is inactive unfolding, and the institution says it volition stock updates arsenic it learns more. Until then, the claims item however invaluable lawsuit information has go and however aggressively extortion groups are targeting infrastructure providers. For customers, caution is the champion defense. For companies, transparency and velocity volition substance if these claims crook retired to beryllium real.

Do you consciousness companies are doing capable to support your idiosyncratic information safe? Let america cognize by penning to america astatine Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report Get my champion tech tips, urgent information alerts and exclusive deals delivered consecutive to your inbox. Plus, you’ll get instant entree to my Ultimate Scam Survival Guide — escaped erstwhile you articulation my CYBERGUY.COM newsletter 

Copyright 2026 CyberGuy.com.  All rights reserved.