google.com, pub-8701563775261122, DIRECT, f08c47fec0942fa0
USA

Brightspeed hackers allegedly steal 1 million customer records in data breach

Brightspeed hackers allegedly steal 1 million customer records in data breach

NEWYou can now listen to Fox News articles!

Brightspeed, one of the largest fiber broadband providers in the US, is investigating allegations that hackers stole sensitive data belonging to more than a million customers.

The allegations emerged when a group calling itself Crimson Collective posted messages on Telegram warning Brightspeed employees to check their emails. The group claimed to have access to more than a million residential customer records and threatened to release sample data if the company did not respond.

At this point, Brightspeed has not confirmed a breach. But the company says it is actively investigating what it calls a potential cybersecurity incident.

DATA BREACH EXPOSES INFORMATION OF 400,000 BANK CUSTOMERS

Fiber networks carry large amounts of personal data, making internet providers attractive targets for extortion groups. (Photo: Philip Dulian/Image alliance via Getty Images)

Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent safety alerts and special deals straight to your inbox. You’ll also get instant access to my Ultimate Scam Survival Guide — free when you join me CYBERGUY.COM newsletter

What hackers say they stole

According to Crimson Collective, the stolen data includes a wide range of personal information. The group claims to have access to:

  • Customer names, email addresses and phone numbers
  • Home and billing addresses
  • User account details linked to login or user IDs
  • Payment history and partial payment card information
  • Appointment and order records linked to customer accounts

If true, this data combination could pose serious identity theft and fraud risks for affected customers.

Brightspeed responded to the allegations

Brightspeed continues to confirm the allegations but says it takes the situation seriously.

In a statement shared with BleepingComputer, the company said it is carefully monitoring threats and working to understand what they are. Brightspeed added that it will keep customers, employees and authorities informed as more details emerge.

To date, there has been no public notification on Brightspeed’s website or social media channels confirming that customer data has been exposed.

Who is Brightspeed and why is this important?

Brightspeed is a US telecommunications and internet service provider founded in 2022 after Apollo Global Management acquired local currency assets from Lumen Technologies.

Headquartered in Charlotte, North Carolina, the company serves rural and suburban communities in 20 states. It has rapidly expanded its fiber footprint, passing more than two million homes and businesses and aiming to reach more than five million locations.

Because Brightspeed focuses on underserved areas, many customers rely on it as their primary internet provider. This makes any potential breach particularly concerning.

A closer look at Crimson Collective

Crimson Collective is not new to high-profile targets. In October, the group breached a GitLab instance connected to Red Hat, stealing hundreds of gigabytes of internal development data.

This incident was later reflected abroad. In December, Nissan confirmed that the personal data of approximately 21,000 Japanese customers had been exposed in the same breach.

Recently, researchers say Crimson Collective has been targeting cloud environments, including Amazon Web Services, by misusing exposed credentials and creating fraudulent access accounts to escalate privileges.

In other words, the group has a history that makes its claims difficult to ignore.

What might this mean for customers?

While Brightspeed has not confirmed a breach, the allegations alone are enough to raise red flags. If customer data is accessed, it can be used for phishing fraud, account takeover or payment fraud.

Cybercriminals often act quickly after breaches. This means customers need to be alert even before an official notification appears.

CyberGuy reached out to Brightspeed for comment and a spokesperson told us:

“We take the security of our networks and the protection of our customers’ and employees’ information seriously and are diligent in this regard. ensuring the security of our networks and monitoring threats. We are currently investigating reports of a cybersecurity incident. “We will keep our customers, employees, stakeholders and authorities informed as we learn more.”

INCREASE IN SCAMS IN JANUARY: WHY SCAMS ARE INCREASING AT THE BEGINNING OF THE YEAR

How do you protect your personal data and online accounts?

Even if this Brightspeed research doesn’t affect your account, it’s worth following these steps. Most data breaches lead to the same downstream risks, such as phishing scams, account takeover, and identity theft. Creating these habits now can help you stay protected across all your online accounts.

The woman is typing on her phone.

Cybercriminals often use public posts and countdowns to force companies to respond quickly. (Photo: Sebastian Kahnert/Image alliance via Getty Images)

1) Watch out for phishing attempts

Scammers often use breach headlines to create panic. Be wary of emails, calls, or messages that mention billing issues or service changes for your internet account. If a message creates urgency or pressure, pause before responding.

2) Avoid suspicious links and attachments

Do not click on links or open attachments linked to account notifications or payment issues. Instead, open a new browser window and go directly to the company’s official website or app. Powerful antivirus software adds another layer of protection against malicious downloads.

The best way to protect yourself from malicious links that install malware and potentially access your private information is to have strong antivirus software installed on all your devices. This protection also keeps your personal information and digital assets safe by alerting you to phishing emails and ransomware scams.

Get my picks for the 2026 winners for the best antivirus protection for your Windows, Mac, Android, and iOS devices at: cyberguy.com

3) Update your account passwords

Change the password for your Brightspeed account and review passwords for other important accounts. Use strong, unique passwords that you won’t reuse elsewhere. A reliable password manager can create and store complex passwords, making accounts much more difficult to hack.

Next, see if your email has been subject to past breaches. Our #1 pick for password managers (see Cyberguy.com/Passwords) includes a built-in breach scanner that checks to see if your email address or passwords appear in known leaks. If you find a match, immediately replace reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2026 at: cyberguy.com

4) Reduce your data footprint

Personal data is silently disseminated across data broker sites. Using a data removal service can help you limit how much of your information is publicly available. Less exposed data means fewer opportunities for scammers to target you.

While no service can guarantee complete removal of your data from the internet, a data removal service is truly a smart choice. They’re not cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically deleting your personal information from hundreds of websites. This is what gives me peace of mind and has proven to be the most effective way to delete your personal data from the internet. By limiting the information available, you reduce the risk of fraudsters cross-referencing data obtained from breaches with information they can find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and run a free scan to see if your personal information is already on the internet by visiting: cyberguy.com

Take advantage of free scanning to find out if your personal information is already on the internet: cyberguy.com

5) Turn on account alerts

Brightspeed allows customers to turn on account and billing alerts through the My Brightspeed site or app. You can choose which notifications you receive via email or text. Alerts can help you catch unusual activity early and intervene before further damage occurs.

6) Monitor your financial accounts closely

Check your bank and credit card statements frequently. Investigate minor or unusual charges, as criminals sometimes test stolen data with low-dollar transactions before attempting larger frauds.

7) Consider fraud alerts or credit freezes

Issuing a fraud alert or freezing credit can increase protection if sensitive information is exposed. These steps make it harder for criminals to open new accounts in your name. To learn more about how to do this, go to: cyberguy.com and call “How do you freeze your credit?”

You may also consider an identity theft protection service that monitors suspicious activity and sends alerts. Identity Theft companies can track your personal information, such as your Social Security Number (SSN), phone number, and email address, and alert you if it is sold on the dark web or used to open an account. They can also help freeze your bank and credit card accounts to prevent further unauthorized use by criminals.

See my tips and top picks on how to protect yourself from identity theft at: cyberguy.com

Woman holds her face after looking at her computer

When personal information and billing information is exposed, the risk extends beyond a company to ordinary customers. (Pixelfit/Getty Images)

Kurt’s important takeaways

Brightspeed’s investigation is still ongoing, and the company says it will share updates as it learns more. Until then, the allegations highlight how valuable customer data has become and how aggressively extortion groups are targeting infrastructure providers. For customers, caution is the best defense. If these claims are true, transparency and speed will be important for companies.

Do you think companies are doing enough to keep your personal data safe? Let us know by writing to us. cyberguy.com

CLICK TO DOWNLOAD FOX NEWS APPLICATION

Sign up for my FREE CyberGuy Report Get my best tech tips, urgent safety alerts and special deals straight to your inbox. You’ll also get instant access to my Ultimate Scam Survival Guide — free when you join me CYBERGUY.COM newsletter

Copyright 2026 CyberGuy.com. All rights reserved.

Kurt “CyberGuy” Knutsson is an award-winning technology journalist with a deep love for technology, hardware and devices that make life better, with his morning appearances on “FOX & Friends” and his contributions to Fox News and FOX Business. Have a technical question? Get Kurt’s free CyberGuy Newsletter and share your voice, story idea or comment CyberGuy.com.

Tags

Related Articles

India rupee sinks to record low, US tariffs keep outlook fragile

India rupee sinks to record low, US tariffs keep outlook fragile

September 11, 2025
Palo Alto Networks (PANW) Q2 2026 earnings

Palo Alto Networks (PANW) Q2 2026 earnings

February 18, 2026
Intercepted Iranian communications downplay damage from US attack, Washington Post reports

Intercepted Iranian communications downplay damage from US attack, Washington Post reports

June 30, 2025
Tehran after Khamenei’s death: Rallies of mourning but also dancing in the streets

Tehran after Khamenei’s death: Rallies of mourning but also dancing in the streets

March 2, 2026

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button