Texas-based Frontier Communications, which provides local residential and business telecom services in 25 states, has shut down its operations in the wake of a cyberattack that resulted in the theft of personally identifiable information (PII).

The breach occurred four days ago on April 14, when it detected a breach by an unauthorized third party who had gained access to “portions of its information technology environment,” according to an incident filing with the US Securities & Exchange Commission (SEC).

As part of its containment efforts, Frontier took “certain of the company’s systems [offline, which] resulted in an operational disruption that could be considered material.” It reported that while its core IT environment is up and running, normal business operations have yet to resume; and as of this writing, the telco’s website was still offline.

Frontier didn’t disclose what PII the cyberattacker accessed or who’s affected, nor the suspected nature of the adversary. Telecom companies are a popular target for both financially motivated attackers as well as advanced persistent threats (APT), given the rich data repositories they hold. For instance, the Sandman APT was behind a prolific string of attacks last fall bent on stealing call-data records, mobile subscriber identity data, and metadata from carrier networks.

“The company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities,” according to the SEC filing. “The company does not believe the incident is reasonably likely to materially impact the company’s financial condition or results of operations.”

Source: www.darkreading.com