Brightspeed, a telecommunications company that provides broadband internet and voice services to residential and business customers across multiple US states, said it is investigating a possible cyberattack after a threat group claimed to have accessed customer data. The company said it is reviewing the allegations and assessing whether its systems were compromised.
The claims were made by a group calling itself Crimson Collective, which alleged it obtained personal information linked to more than one million Brightspeed customers. According to statements published by the group, the data purportedly includes names, service and billing addresses, email addresses, phone numbers, and account-related details. The group also released a small set of sample records that it said were taken from Brightspeed systems.
Brightspeed has not confirmed that a breach has occurred. In a statement, the company said it is aware of the claims and is taking them seriously. It said it is working to determine the validity and scope of the allegations and is engaging cybersecurity specialists and law enforcement as part of its investigation. The company did not say whether customer or employee data had been accessed.
The threat group did not provide details about how it claims to have gained access to the data or when the alleged intrusion took place. Brightspeed has not confirmed that the information shared by the group originated from its systems, and the company said the investigation is still at an early stage.
Cybersecurity experts note that threat actors sometimes publish limited samples of data to support extortion attempts or to pressure organisations into negotiations. Until a company completes forensic analysis, it can be difficult to determine whether such data is authentic, outdated, or sourced from a different incident.
If the claims were verified, the exposure of customer contact and account information could increase the risk of phishing or other fraudulent activity targeting Brightspeed users. Telecommunications providers typically manage large volumes of personal data, making them frequent targets for cybercrime.
Brightspeed said it will provide further information if its investigation confirms unauthorised access to its systems or data. The company has advised customers to remain cautious about unsolicited messages and to follow standard security practices while the review continues.