// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / Charter Communications
Breach Record

Charter Communications

DISCLOSED 2026-04-01 · PHISHING · 40,000,000 RECORDS EXPOSED

On April 1, 2026, a Charter Communications employee fell victim to a vishing call, leading to a breach of 40 million customer records. The company acknowledged the incident on May 26, 2026. The threat actor ShinyHunters gained access to Salesforce data through the compromised credentials.

The record

What we know

Disclosed
2026-04-01
Attack vector
Phishing
Sector
telecommunications
Records exposed
40,000,000
Data classes exposed
customer records
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · no · opinion

The attack used social engineering (vishing) to obtain credentials, not endpoint exploitation. A positive-security model on endpoints would not have prevented credential theft or subsequent cloud access.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other phishing breaches on file

This page is the permanent ColdRecon entry for the Charter Communications disclosure. It updates if new public reporting emerges. All tracked breaches →

Charter Communications just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →