Knock knock! Who’s there? The FBI….
This is never the way you’d like your day to play out. Last week, Time Warner was notified by the FBI that a cache of stolen credentials that appear to belong to Time Warner customers had been discovered.
At this point, the origination of the usernames and passwords is a bit of a mystery. Time Warner states:
“We have not yet determined how the information was obtained, but there are no indications that TWC’s systems were breached.
The emails and passwords were likely previously stolen either through malware downloaded during phishing attacks or indirectly through data breaches of other companies that stored TWC customer information, including email addresses.
For those customers whose account information was stolen, we are contacting them individually to make them aware and to help them reset their passwords.”
Time Warner customers who have not yet been contacted should still consider changing their passwords – there is no indication at this point if this is new or previously compromised password data, and a new password is never a bad idea.
Please share with anyone who is using Time Warner systems – friends, co-workers, weird relatives and neighbors as well. Remember that any password that is used twice isn’t a safe password – unique passwords are always the best practice. Password managers (LastPass, KeePass, etc.) are often a good idea to help maintain unique, difficult to decipher passwords.