Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers’ personal information. The data breach exposed sensitive information held by the cable television provider, like customer addresses, account numbers, email addresses, PIN codes and more.
According to Cox: “On October 11, 2021, Cox learned that an unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts. We immediately launched an internal investigation, took steps to secure the affected customer accounts, and notified law enforcement of the incident” (as reported by Bleeping Computer).
While Cox does not state that financial information or passwords were accessed, they are advising affected customers to monitor financial accounts. These notifications went out during December 2021.
Looking into the matter for Digital Journal is Matt Sanders, Director of Security at LogRhythm.
According to Sanders, the incident “Serves as a reminder that data breaches can happen in many ways, and often are the result of human error.”
An example of human error is the ‘attention gap’, where something in the external environment (such as noise, light or vibration) distracts the individual. This is sometimes associated with performing familiar tasks that require little conscious attention. These ‘skill-based’ errors will occur if attention is diverted, even momentarily.
In relation to cybersecurity and data breach incidents, Sanders finds: “Social engineering tactics like impersonating trusted colleagues or partners have proven highly successful time and again.”
So, what are the implications for Cox? Sanders identifies these as: “Now that the hacker(s) are armed with a high volume of personally identifiable information (PII), Cox customers are at risk of additional phishing emails and other forms of fraud at the hands of threat actors.”
In terms of the best response by those impacted by this nefarious activity, Sanders recommends: “Customers should ensure they are using security best practices such as updating their passwords and leveraging two-factor authentication to protect their accounts.”
As for businesses like Cox, there are lessons to be learned from the incident. Sanders presents these as: “In order to quickly detect and neutralize security threats such as this one, it is essential for organizations to have the proper controls in place, and to also provide training to employees to better help them identify suspicious or fraudulent emails.”
Sanders’ final recommendation runs: “Detection and response capabilities, authentication and access controls, and real-time monitoring and visibility are crucial to protecting valuable customer data.”