-
Several customers have filed class-action lawsuits against Charter Communications over a reported cyberattack that allegedly exposed more than 42 million records.
-
Plaintiffs claim the company failed to implement adequate security measures, leaving sensitive customer information vulnerable to hackers.
-
The alleged attackers say they gained access through a voice phishing scheme and extracted customer data from Charter’s Salesforce environment.
Charter Communications is facing multiple lawsuits after a reported data breach allegedly exposed millions of customer records and raised concerns about the company’s cybersecurity practices.
Several customers filed class-action complaints in federal court in Connecticut last week, accusing the telecommunications giant of failing to adequately protect sensitive customer information.
The lawsuits stem from a cyberattack that reportedly occurred in early April and may have affected more than 42 million records containing personally identifiable information.
The plaintiffs argue that Charter’s security measures fell short of industry expectations and allowed threat actors to gain access to customer data. The lawsuits seek unspecified damages for customers who may now face long-term risks related to fraud, identity theft, and privacy violations.
Customers Claim Breach Created Lasting Security Risks
A New York resident, Dana Dang, who alleges that cybercriminals accessed customer information, filed one of the lawsuits because Charter did not take reasonable steps to safeguard personal data.
According to the complaint, hackers obtained personally identifiable information belonging to customers and allegedly distributed or exposed the data to unauthorized parties online. The filing states that affected individuals now face an elevated risk of identity theft, financial fraud, privacy intrusions, and other forms of criminal activity that could persist indefinitely.
The lawsuit further argues that customers must now spend significant time and resources protecting themselves from potential abuse. According to the filing, affected individuals may need to continuously monitor financial accounts, review credit activity, update passwords more frequently, scrutinize communications for phishing attempts, and purchase identity theft protection services.
Nissan customers could face similar risks if the ransomware group follows through on its threat. The group is threatening to leak Nissan data after failed payment talks, highlighting the widespread impact of such breaches.
Charter did not immediately respond to media requests seeking comment on the lawsuits.
Threat Actor Claims Millions of Records in Custody
The legal complaints reference reporting from cybersecurity news outlet Bleeping Computer, which published details about an alleged breach involving the hacking group known as ShinyHunters.
According to the report, a post from the threat actors claimed that they compromised more than 42 million records containing personally identifiable information. The post also reportedly warned Charter to make payment or risk having the data go live publicly.
Bleeping Computer reported that the threat actors claimed they breached Charter on April 1 through a voice phishing attack that targeted an employee’s Microsoft Entra account. The attackers allegedly used the compromised account to access Charter’s systems and export customer information from the company’s Salesforce platform.
According to information attributed to the threat actors, the stolen records may include customer names, email addresses, phone numbers, physical addresses, service plan details, customer proprietary network information, and customer support ticket data.
The authenticity and full scope of the claims remain subject to further verification.
Lawsuits Add Pressure as Charter Pursues Major Merger
The growing legal challenges arrive at a significant time for Charter Communications, one of the largest telecommunications providers in the United States.
The company reported approximately 31.7 million customers as of the end of March. In May 2025, Charter announced plans to merge with Cox Communications in a deal that would create a larger combined telecommunications business.
Company officials previously stated that the merged organization would operate from Charter’s current headquarters in Stamford, Connecticut. The headquarters currently employs about 1,800 workers, and Charter Chief Executive Officer Chris Winfrey, from expectation, should continue leading the combined company, which will operate under the Cox Communications name.
As litigation moves forward, the lawsuits are likely to intensify scrutiny of Charter’s cybersecurity defenses and its handling of customer data. The outcome could also influence how telecommunications providers address data protection obligations as cyberattacks continue to target large organizations holding vast amounts of consumer information.
