Cyber Incident Victim: Time Warner Cable
Date: Jan 2016
Location: United States of America
Summary
Approximately 320,000 customer accounts were compromised through unauthorized access to email addresses and passwords used for the cable provider's service portal. The incident was identified after the FBI alerted the company to a cache of stolen credentials, though no payment card or additional personal information was confirmed exposed. While the breach did not originate from direct infiltration of the provider's systems, potential sources included phishing campaigns targeting customers, malware infections, or compromise of a third-party contractor with account access. Affected customers received notifications urging password resets, and broader credential reuse risks were highlighted given similar recent incidents impacting other major providers.
Description
In January 2016, Time Warner Cable (TWC) confirmed that approximately 320,000 customer accounts were compromised after the FBI alerted the company to a cache of stolen credentials. The exposed data included customer email addresses and passwords used to access TWC’s customer service portal, but no payment card details or other personal information. TWC initiated notifications to affected customers, urging them to reset their passwords and monitor bank statements for suspicious activity. Investigators found no evidence of a direct breach of TWC’s internal systems, suggesting the credentials were obtained externally. The FBI’s involvement in identifying the leak indicated third-party criminal activity rather than an intrusion into TWC’s infrastructure. While the exact method of credential collection remained unconfirmed, phishing campaigns, malware infections, or a breach of a TWC subcontractor were considered plausible sources. The scale of the theft—representing roughly 2% of TWC’s 16 million customers—highlighted the potential effectiveness of sustained credential-harvesting operations over time.

TWC’s public response emphasized password resets for impacted accounts and advised against password reuse across multiple services, noting criminals often test stolen credentials on other platforms. The company did not disclose technical specifics about the credential validation process or any internal security audits conducted following the incident. Concurrently, reports surfaced of a separate leak involving 200,000 Comcast customer credentials, underscoring broader industry vulnerabilities. TWC’s communications framed the incident as externally sourced, avoiding acknowledgments of internal security failures. No further details were provided regarding law enforcement investigations into the credential cache’s origins or the identity of the perpetrators. The incident remained confined to account access compromises without escalation to financial data theft or system disruptions.
