Charter Communications has confirmed a data breach affecting millions of customers after cybercriminals gained access to sensitive information and later attempted to extort the company. The incident impacts customers of Charter’s Spectrum services and adds to a growing list of large-scale telecom breaches reported this year.
According to disclosures filed with regulators, the breach originated through a third-party cloud environment used by Charter. The company said attackers obtained unauthorized access to customer information stored within the platform and later contacted the company with extortion demands.
Charter stated that the affected data may include names, addresses, email addresses, phone numbers, dates of birth, account numbers, service details, and other customer-related records. The company said there is currently no evidence that passwords, financial account information, payment card data, or Social Security numbers were compromised in the incident.
The breach has been linked to a broader campaign targeting organizations that use cloud-based customer relationship management and identity platforms. Security researchers believe the attackers leveraged stolen credentials and social engineering techniques to gain access to cloud environments containing large volumes of customer data.
Researchers and threat intelligence analysts have associated the incident with the cybercriminal group ShinyHunters, which has been connected to a series of high-profile breaches affecting telecommunications providers, retailers, technology firms, and educational institutions. The group is known for stealing large customer databases and using extortion tactics rather than deploying ransomware.
Charter said it immediately launched an investigation after discovering the intrusion, hired external cybersecurity experts, and implemented additional security measures to prevent further unauthorized access. Law enforcement agencies were also notified and are assisting with the ongoing investigation.
The company has begun notifying affected individuals and is providing details about the categories of information involved. Charter stated that its network operations and customer services were not disrupted during the incident and that there is no indication attackers gained access to internal production systems.
Charter Communications is one of the largest telecommunications providers in the United States, serving millions of residential and business customers through its Spectrum internet, television, mobile, and voice services. The size of its customer base means the breach could rank among the more significant telecom data exposure incidents disclosed in 2026.