At least four class-action complaints were filed last week in federal court in Connecticut that fault Stamford-based Charter for not putting in sufficient safeguards against a cyberattack in early April that reportedly exposed more than 42 million records with personal information.
"As a direct and proximate result of defendant's inadequate data security, and its breach of its duty to handle (personally identifiable information) with reasonable care, plaintiff's and class member's PII was accessed by hackers, and, upon information and belief, posted on the dark web and exposed to an untold number of additional unauthorized individuals," said part of the lawsuit filed by New York City resident Dana Dang. "Plaintiff and class members are now at a significantly increased and certain impending risk of fraud, identity theft, misappropriation of financial benefits, intrusion of their privacy, and similar forms of criminal mischief, and such risk may last for the rest of their lives."
A message left Monday for two Charter spokespersons that asked for the company's response to the lawsuits was not immediately returned.
A key source in Dang's lawsuit is an article that was posted last week on Bleeping Computer's website. The article contains a screenshot purportedly from the ShinyHunters website, which lists Charter in a heading and says, "Over 42M records containing PII have been compromised." The message in the screenshot also includes a "final warning" for the company to "pay or leak."
The article also said that ShinyHunters told Bleeping Computer that, "They breached Charter on April 1 through a voice phishing (vishing) attack that compromised an employee's Microsoft Entra account. The threat actor used this access to export millions of consumer and business customer records from the company's Salesforce instance."
Additionally, the article said, "According to the threat actor, the stolen records contain customer names, email addresses, addresses, phone numbers, phone type, plan information and some CPNI data. The threat actor also claims to have stolen customer support ticket data."
As a result of the reported cyberattack, Dang's lawsuit said that the plaintiff "must immediately devote time, energy, and money to: 1) closely monitor their Social Security and other benefits, bills, records, and credit and financial accounts; 2) change login and password information on any sensitive account even more frequently than they already do; 3) more carefully screen and scrutinize phone calls, emails, and other communications to ensure that they are not being targeted in a social engineering or spear phishing attack; and 4) search for suitable identity theft protection and credit monitoring services, and pay to procure them."
In addition to Dang, two of the plaintiffs who have filed lawsuits over the data breach live in Texas, while another resides in North Carolina.
The plaintiffs are seeking unspecified amounts in damages.
Charter is one of the country's largest telecommunications companies, with about 31.7 million customers at the end of March.
In May 2025, Charter announced an agreement to merge with Atlanta-based Cox Communications. Charter officials have said that the new, combined company will be located at Charter's current headquarters, at 400 Washington Boulevard in downtown Stamford, where about 1,800 Charter employees are based. Charter CEO Chris Winfrey is set to take the same role at the new, combined company, which will be called Cox Communications.
© 2026 The Register Citizen, Torrington, Conn. Distributed by Tribune Content Agency, LLC.
