Time Warner Cable is now the latest company to have experienced a data breach. The cable company says it was alerted by the FBI about a possible data breach that may have exposed email addresses and account passwords, but the company says that its own server hadn’t been breached and that its customers may be impacted due to third-party sites that store Time Warner Cable customer information.
We’ve seen this problem time and time again when it comes to customers of popular services who are the victims in data breaches. It’s assumed that the company behind the service stores such information, but companies like Time Warner Cable and others, such as the pub chain Wetherspoon, often turn over information to other third-party hosting sites that are then held responsible whenever these things happen. It seems to be irresponsible of the companies offering services to not ensure the safety of customer information — only to blame the third-party site in the event of a data breach.
The more interesting question behind all of this is how did the FBI know and inform Time Warner Cable? Why is it the case that Time Warner Cable wasn’t alerted by the third-party site as to the data breach? The fact that the FBI knows is chilling indeed, seeing that the government agency has also been accused of creating back doors with websites and services such as Juniper that led to the company’s own internal search confirming a data breach. Documents from the UK showed in the following days that British intelligence wanted to attack both Juniper and Huawei but needed the FBI’s compliance in the effort — a sign that nothing happens on American soil without the FBI’s knowledge.
With that said, Time Warner Cable need not blame the third-party site for the data breach, but rather, the FBI. After all, who knows how long the FBI sat on the news before the agency decided to report it?