Cyber Incident Victim: Altice USA Inc.

In November 2020, an unauthorized third party gained access to employee email accounts at Altice USA Inc., the parent company of Optimum cable television and internet services, through a phishing campaign. Attackers obtained employee email credentials, enabling them to remotely access and download the contents of compromised mailboxes. The breach exposed sensitive personal information, including Social Security numbers and birth dates, belonging to all 12,000 current Altice employees. A limited number of former employees and Optimum customers were also affected, though the exact count of non-employee victims was not specified in the company's disclosure. Altice discovered the intrusion but did not publicly disclose the timeline of detection or containment actions taken during the incident response.

Altice formally notified impacted individuals about the breach on February 5, 2021, approximately three months after the initial compromise occurred. In the notification, the company stated it had "no information at this time" indicating misuse of the stolen data. Spokesperson Lisa Anselmo confirmed the breach stemmed from credential theft via phishing but did not elaborate on technical safeguards implemented post-incident. The compromised data included other unspecified personal information beyond Social Security numbers and birth dates, though the company did not detail the full scope of exposed attributes. No customer-facing systems or Optimum service operations were reported as affected, with the breach confined to employee email accounts. The incident marked a significant exposure of workforce data but did not trigger reports of immediate financial or operational disruptions to Altice's business activities.