Up to 320,000 accounts belonging to Time Warner Cable customers appear to have been compromised by online criminals. But it's not time to panic yet.
There's no indication that the servers of Time Warner Cable itself, which has about 12.4 million broadband subscribers, were breached. Rather, it seems that the stolen login credentials, which correspond to email addresses with the "rr.com" suffix, were aggregated from previous data thefts.
"The emails and passwords were likely previously stolen either through malware downloaded during phishing attacks or indirectly through data breaches of other companies that stored TWC customer information, including email addresses," a Time Warner Cable spokesman told CSO Online's Steve Ragan today (Jan. 7). "For those customers whose account information was stolen, we are contacting them individually to make them aware and to help them reset their passwords."
MORE: What to Do After a Data Breach
If you've got one of those "rr.com" email addresses, you should probably now change your Time Warner Cable password, as well as on all other accounts that used that password and the Time Warner Cable email address. (The "rr" stands for RoadRunner, a former brand name for Time Warner Cable's broadband service, and the full suffix will incorporate your local region, e.g. "@nyc.rr.com.") You can start at the RoadRunner Password Reset Tool at http://pt.rr.com/.
There was no indication that Time Warner Cable email addresses ending in "roadrunner.com" or "twc.com" were affected.
However, if you get an email purporting to be from Time Warner Cable regarding a password reset, don't click on any links embedded within the body of the email. The email might be fake, and the embedded link might be part of a phishing scam designed to steal, yup, your Time Warner Cable login credentials.
A Time Warner Cable spokesperson told NBC News yesterday (Jan. 6) that the FBI had contacted the cable company about the compromised accounts. The spokesperson indicated that another shoe may be about to drop: The FBI apparently informed other Internet service providers (ISPs) that accounts registered with them had also been compromised, but none of those other ISPs have yet come forward.
The larger Time Warner Inc. spun off Time Warner Cable as a separate entity in 2009. In 2012, Time Warner Cable stopped using the RoadRunner brand name, which it was licensing from Time Warner. New subscribers to Time Warner Cables' broadband services receive "twc.com" email addresses instead of "rr.com" ones.