Hackers allegedly stole 40 million records from Charter Communications — everything you need to know

In April, Charter Communications suffered a data breach via the hacking group ShinyHunters. The company recently confirmed that the breach occurred, but has been insistent that no sensitive information was taken.Charter is a large broadband provider that includes the Spectrum brand, which serves millions of customers across the entire United States.The company confirmed the breach to Tom's Guide and said it launched protocols and alerted authorities about the incident. Charter said that no sensitive personal or business information was stolen."We are aware of the situation, following our security protocols and are working with appropriate authorities," a Charter spokesperson said. "No sensitive personal information (PI) or customer proprietary network information (CPNI) data was exfiltrated by the threat actor as a result of recent activity."Contradictory statements

(Image credit: Shutterstock)Charter's statement on the matter does seem to contradict statements from the ShinyHunters hacking group. The group claims that it stole 40 million records containing the personal information of home and business customers.The group reportedly told BleepingComputer that it breached Charter on April 1 through a voice phishing attack that was used to compromise an employee account.ShinyHunters claims the data includes customer names, email addresses, phone numbers, plan information and some CPNI data. The group also said it had some support ticket data.Get instant access to breaking news, the hottest reviews, great deals and helpful tips.ShinyHunters is on a tearThe threat actor ShinyHunters has been active since 2019, but in 2026 alone, we've tracked at least three separate data breaches claimed by the group. And there have been others targeting business users and not consumers, like Salesforce, that we haven't covered.The first one we covered was a Panera breach in February that exposed information for more than 5 million customers. The identity protection company Aura suffered a nearly 1 million-person data breach in March that exposed customer information.And just last month, the security company ADT was hit by a breach that affected 5.5 million customers, who saw stolen information leaked online.How to stay safe after a data breach