Emotet now drops Cobalt Strike, fast forwards ransomware attacks
SonicWall ‘strongly urges’ customers to patch critical SMA 100 bugs
Grafana fixes zero-day vulnerability after exploits spread over Twitter
Microsoft starts rolling out redesigned Notepad for Windows 11
Cox discloses data breach after hacker impersonates support agent
SanDisk SecureAccess bug allows brute forcing vault passwords
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts
Learn how to take charge of Microsoft products with 17 courses for $60
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
Cox app
Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers’ personal information.
Cox Communications, aka Cox Cable, is a digital cable provider and telecommunication company that provides internet, television, and phone services in the USA.
This week, customers began receiving letters in the mail disclosing that Cox Communications learned on October 11th, 2021, that “unknown person(s)” impersonated a Cox support agent to access customer information.
There are not a lot of details about the security incident, but the hacker likely used a social engineering attack to gain access to Cox internal systems that provided information about customers.
“On October 11, 2021, Cox learned that an unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts. We immediately launched an internal investigation, took steps to secure the affected customer accounts, and notified law enforcement of the incident,” reads the data breach notification signed from Amber Hall, Chief Compliance and Privacy Officer of Cox Communications.
“After further investigation, we discover that the unknown person(s) may have viewed certain types of information that are maintained in your Cox customer account, including your name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and/or the types of services that you receive from Cox.”
In summary, the data breach exposed the following sensitive information for affected customers:
While Cox does not state that financial information or passwords were accessed, they are advising affected customers to monitor their financial accounts and to change passwords on other accounts using the same one as the Cox customer account. 
Cox is offering affected customers a free one-year Experian IdentityWorks that can be used to monitor credit reports and detect signs of fraudulent activity.
In a statement to BleepingComputer, Cox said that they have reported the incident to law enforcement and that it only affected a small number of customers.
“The security of the services we provide to customers is a top priority. A recent security incident impacted a small number of customer accounts. We promptly launched an investigation and took steps to secure the affected accounts and have implemented additional security controls to further safeguard their information. We are working with law enforcement and have notified all impacted customers.” – Cox.
When we asked further questions regarding the number of affected customers and how the breach took place, we did not receive a response.
Media conglomerate Cox Media Group suffered a ransomware attack in June 2021 that took down live TV and radio broadcast streams. The ransomware attack and this incident do not appear to be related.
If you are affected by this data breach or are simply concerned about the safety of your Cox account, you should perform the following steps:
Once again, while Cox did not disclose that financial information was accessed by the threat actor, due to the amount of data exposed, all affected customers should monitor their credit reports for unusual activity.
Utah medical center hit by data breach affecting 582k patients
Planned Parenthood LA discloses data breach after ransomware attack
DNA testing firm discloses data breach affecting 2.1 million people
Marine services provider Swire Pacific Offshore hit by ransomware
7 million Robinhood user email addresses for sale on hacker forum
Not a member yet? Register Now
Google disrupts massive Glupteba botnet, sues Russian operators
Grafana fixes zero-day vulnerability after exploits spread over Twitter
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Marine services provider Swire Pacific Offshore hit by ransomware

Hackers exploit Microsoft MSHTML bug to steal Google, Instagram credsApple sues spyware-maker…

Microsoft to set Windows Terminal as default console in Windows 11

Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flawsNew ransomware now…

Fake support agents call victims to install Android banking malware

FBI: Cuba ransomware breached 49 US critical infrastructure orgsResearchers discover 14 new…

Hackers steal Microsoft Exchange credentials using IIS module

Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flawsBugs in billions…