Charter Communications Breach Impacts 4.9M Accounts
ShinyHunters hacked Charter Communications via vishing in early April, accessing a Salesforce instance and stealing data on 4.9 million accounts. Names, emails, phone numbers, physical addresses and some job titles were later leaked after Charter refused ransom. The telecom firm confirmed no sensitive personal or CPNI data was taken and notified authorities.
- names
- email addresses
- phone numbers
- physical addresses
- job titles
On May 29, 2026, Charter Communications disclosed that attackers had stolen personal information belonging to 4.9 million customer accounts after gaining access to an internal Salesforce instance through vishing.
Public reporting indicates the intrusion occurred in early April when the group known as ShinyHunters used voice phishing techniques to compromise credentials. Once inside the Salesforce environment, the attackers extracted names, email addresses, phone numbers, physical addresses, and in some cases job titles. After Charter refused to pay a ransom demand, the group published the data. The company stated that no customer proprietary network information (CPNI), financial data, or Social Security numbers were accessed. Charter notified law enforcement and affected individuals.
Want the rest of this breakdown?
Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →