FCC fines Cox for falling for Lizard Squad scam, exposing customer data

4 12 2015


November 6, 2015

Sean Gallagher

What’s the cost of giving up customers’ information because of weak information security practices? For Cox Communications, the answer is a half-million dollar fine and having the Federal Communications Commission watching its every information security move for the next seven years. The FCC’s Enforcement Bureau and cable and broadband Internet provider Cox Communications have reached a settlement over an August 2014 data breach involving a member of the Lizard Squad hacking group. The FCC announced the settlement on Thursday.

The hacker, who goes by the nom de guerre “EvilJordie,” used one of the oldest social engineering tricks in the book to gain access to Cox’s internal data: he convinced a Cox customer service representative and a Cox contractor over the phone that he was a system administrator in Cox’s IT department and sent them a “phishing” link to a malicious website that mimicked a corporate intranet site, where they entered their login credentials.


The content in this post was found at http://arstechnica.com/security/2015/11/fcc-fines-cox-for-falling-for-lizard-squad-scam-exposing-customer-data/ and was not authored by the moderators of freeforafee.com. Clicking the title link will take you to the source of the post.



Leave a comment

You must be logged in to post a comment