US fiber broadband provider Brightspeed is investigating claims of a cyberattack after a notorious hacking group boasted about breaching its systems.
The investigation was triggered by Crimson Collective’s claim to have exfiltrated the personal information of over 1 million customers from the telecommunications company.
Brightspeed operates across 20 states and serves more than 1 million business and home users.
“We are currently investigating reports of a cybersecurity event. As we learn more, we will keep our customers, employees and authorities informed,” a Brightspeed spokesperson said, responding to a SecurityWeek inquiry.
“We take the security of our networks and protection of our customers’ and employees’ information seriously and are rigorous in securing our networks and monitoring threats,” the spokesperson added.
Crimson Collective said it stole personal information such as names, billing addresses, email addresses, and phone numbers, along with other customer data, such as account status, payment details, and service records.
To add weight to their claim, the hackers sent proof of possession to several cybersecurity experts who monitor the dark web.
Crimson Collective is known for its attempt to extort Red Hat last year, after breaching its GitLab instance and claiming the theft of over 570 GB of compressed data from 28,000 private repositories.
In late December 2025, Japanese car maker Nissan disclosed the impact from the Red Hat incident, saying that the personal information of 21,000 customers was affected.
Related: Covenant Health Data Breach Impacts 478,000 Individuals
Related: Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000
Related: Coupang to Issue $1.17 Billion in Vouchers Over Data Breach
