Arkana Security Group Claims Hack of US Telecom Provider WideOpenWest (WOW!)

A new ransomware group, Arkana Security, claims to have breached the telecommunications provider WideOpenWest (WOW!) and stolen customer data from two databases covering over 403,000 and 2.2 million accounts.

WideOpenWest is a US-based telecommunications company that provides broadband internet, cable TV, and phone services to residential and business customers in the Midwest and Southeast regions. The company has built its reputation on offering high-speed internet and competitive pricing in markets where it competes with larger providers.

The Arkana group recently emerged in the threat landscape, touting its capabilities as a post-pentest service provider, offering data security and risk management services to victims of cyber attacks. However, its latest claim has left many in the cybersecurity community on high alert.

The Stolen Data

The compromised data includes usernames, passwords, security details, emails, and Firebase integration data from the two breached databases. The group claims that it has fully compromised WOW!'s internal systems, including AppianCloud and Symphonica platforms, putting both customer data and operational infrastructure at significant risk.

The Threat

"We have fully compromised Wide Open West (WOW!), gaining access to highly sensitive customer data and servers," reads the statement published by the group on its Tor leak site. "If you don’t act, we will expose and sell this data." The group warns that if the company fails to pay, the breach will go public, exposing victims' personal information and embarrassing executives.

The Consequences

Arkana Security claims that WOW!'s infrastructure is a "complete disaster" with non-existent security measures in place. The group attributes the poor state of security to the company's failure to invest in protecting its systems, which has led to severe consequences for both customers and the organization itself.

The Implications

At this time, the group has also listed another organization, Oregon Surveillance Network, on the leak site. The breach has resulted in the complete takeover of WOW!'s systems, customer-facing devices, and backend servers, posing a serious threat to its entire customer base, including critical infrastructure sectors relying on its services.

Millions of customers and corporate clients are potentially affected, and the full scale of the attack has yet to be realized. The incident serves as a stark reminder of the importance of robust cybersecurity measures in protecting sensitive data and preventing such breaches from occurring in the first place.

The Response

WOW! has not yet confirmed the alleged data breach, but the incident is likely to have far-reaching consequences for both customers and the company itself. As the situation unfolds, it will be essential to monitor developments and provide guidance on how best to protect against similar threats in the future.
