ShinyHunters Alleges 42M Records Stolen from Charter Communications

Charter Communications is investigating a claimed breach by the ShinyHunters extortion group, which alleges a vishing compromise of a Microsoft Entra account enabled access to Salesforce and the theft of over 42 million customer records (Charter denies sensitive CPNI was exposed). The report emphasizes the rising threat to identity platforms and SaaS, outlines ShinyHunters' SaaS-focused campaigns, and recommends mitigations such as phishing-resistant MFA, SaaS monitoring, OAuth restriction, least-privilege access, DLP, employee vishing training, and incident response testing.