The ShinyHunters extortion group breached Charter Communications, a major U.S. telecommunications provider, by compromising an employee's Microsoft Entra account via a voice phishing attack. They subsequently exfiltrated customer records from the company's Salesforce instance, claiming to have stolen 40 million records containing names, email addresses, and other customer data.
Initial Access
Vishing Employee Account
confirmed
ShinyHunters initiated the attack on April 1 through a voice phishing (vishing) attack targeting a Charter employee.
Defender cut points
Implement robust security awareness training against social engineering tactics like vishingEnforce strict call verification protocols for internal requests
