Charter Communications (Spectrum) Data Breach Investigation
Chimicles Schwartz Kriner & Donaldson-Smith is investigating potential class action claims against Charter Communications, Inc., operator of the Spectrum brand, following a data security incident that may have impacted the personal information of millions of current and former Spectrum customers, business account users, and employees. According to public reports and the threat actor’s own statements, the incident has been linked to the extortion group known as ShinyHunters, which has claimed responsibility for exfiltrating tens of millions of records from Charter’s Salesforce customer relationship management environment.
What Happened at Charter Communications?
On or around April 1, 2026, an unauthorized third party gained access to Charter’s internal systems after social engineering a Charter employee through a voice phishing (vishing) attack targeting Microsoft Entra (Azure Active Directory) credentials. Once inside, the attacker pivoted to Charter’s Salesforce CRM environment and exfiltrated a large volume of customer and employee data. The threat actor, ShinyHunters, subsequently attempted to extort Charter and, after Charter reportedly refused to pay, listed the company on its dark web data leak site and began publishing portions of the stolen dataset. Public disclosure of the incident emerged in late May 2026.
What Information Was Compromised?
The compromised data varies by individual but may include, but is not limited to, the following:
- Full name
- Email address (including corporate and business domains)
- Home and business mailing addresses
- Telephone numbers
- Spectrum account, plan, and service details
- Customer support ticket content and history
- Employee records, including job titles and certain personal contact information
The threat actor has claimed that as many as 40 to 42 million records were exfiltrated, while independent analysis of the leaked dataset has confirmed information tied to approximately 13 million or more individuals, along with roughly 27,000 employee records. However, Charter has publicly stated that no sensitive personal information or customer proprietary network information was exposed.
Why Is This Important?
The exposure of this information places affected individuals at a significantly increased risk of targeted phishing and spearphishing campaigns, account takeover attempts, business email compromise, identity theft, and other related harms.
What Should You Do?
If you are a current or former Spectrum customer, a Spectrum Enterprise or business account holder, or a current or former Charter Communications employee, and you believe your personal information may have been compromised in connection with this incident, please contact one of our data breach attorneys by filling out the form below to learn more about your legal rights.
(*) Indicates required field: When communicating with us through this site or otherwise in connection with a matter for which we do not already represent you, your communication may not be treated as privileged or confidential, and does not create an attorney-client relationship between you and our Firm.
