← Back to incidents

Incident · Cyber Criminals

Frontier Communications Parent, Inc. · FYBR

Communication ServicesUSAIncident April 14, 2024Filed April 18, 2024
Impact score
Business continuity
Effective
Insurance involved
Not disclosed
Filing
8-K · 1.05

Breach taxonomy

Cyber CriminalsData ExfilSystem OutagePersonal DataRevenue ProcessInfo Privacy LossBiz Interruption

Summary

On April 14, 2024, Frontier Communications detected that a cybercrime group had gained unauthorized access to portions of its IT environment, accessing personally identifiable information. Containment measures included shutting down certain systems, resulting in an operational disruption that the company characterized as potentially material. By the filing date, Frontier believed it had contained the incident and restored its core IT environment, with normal business operations being restored.

Tagging rationale

ThreatCyber Criminals

Filing states the company determined the third party was likely a cybercrime group — explicit attribution to cybercriminal actors.

MethodsData ExfilSystem Outage

Filing states the third party gained access to PII (data exfiltration) and containment required shutting down certain systems (system outage).

AssetsPersonal DataRevenue Process

Filing confirms the cybercrime group gained access to personally identifiable information and systems were shut down, affecting both personal data and revenue-generating operations.

EffectsInfo Privacy LossBiz Interruption

Filing discloses both PII access (information privacy loss) and an operational disruption that could be considered material (business interruption).

Business continuityEffective

Filing states the company initiated cyber incident response protocols and by the filing date had contained the incident and restored its core IT environment → Effective.

Impact

Cybercrime group accessed PII and caused material operational disruption to a major telecom provider; systems restored by filing date but PII was compromised.

InsuranceNot disclosed

Filing makes no mention of insurance.

Read the original SEC filing excerpt
Item 1.05 Material Cybersecurity Incidents. On April 14, 2024, Frontier Communications Parent, Inc. detected that a third party had gained unauthorized access to portions of its information technology environment. Upon detection, the Company initiated its previously established cyber incident response protocols and took measures to contain the incident. As part of this process, the containment measures, which included shutting down certain of the Company's systems, resulted in an operational disruption that could be considered material. Based on the Company's investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information. As of the date of this filing, the Company believes it has contained the incident and has restored its core information technology environment and is in the process of restoring normal business operations. The Company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities. The Company does not believe the incident is reasonably likely to materially impact the Company's financial condition or results of operations.
View SEC filingBack to database

More in Communication Services

Unknown · February 3, 2025

Lee Enterprises, Incorporated

On February 3, 2025, Lee Enterprises experienced a systems outage when threat actors accessed the network, encrypted critical applications,

Cyber Criminals · May 20, 2024

Live Nation Entertainment, Inc.

On May 20, 2024, Live Nation Entertainment identified unauthorized activity within a third-party cloud database environment (Snowflake) cont

Cyber Criminals · April 14, 2024

AT&T Inc.

Between April 14 and April 25, 2024, threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and exfiltrated cal