The security flaws of the Charter have recently released data on millions of customers. On the Charter Communications (Spectrum) website, a vulnerability has been discovered that most people take over customer accounts without requiring a password TechDirt).
[[[[People can purchase Apple's hacking tool on the dark web]
Charter security defect
This deficiency involves deceiving the Spectrum website, which allows subscribers to create IDs of Time Warner Cables (recently acquired by Charter). If the customer has not yet registered an ID, this vulnerability would allow an attacker to create a Web site by replacing the IPD address with the customer's IP address.
The registration website tried to confirm the identity of the subscriber in search of the postal code and telephone number. However, according to security researcher Phobia, the zip code was not right to go to the next page. Only the phone number associated with the account must be accurate.
In addition, Ceraolo discovered that hackers can use the brute force software program in the phone number field (in other words, they can try different 10-digit combinations repeatedly). In other words, it is relatively easy for a hacker to inherit someone's account without having an accurate phone number.
After a fake ID is created, an attacker can access personal data such as billing address, e-mail, account number, and so on. The charter has 23 million subscribers, but not all are affected. People who were subscribers of Time Warner Cable before the merger are affected by 14 million users.
Although the charter insists that this defect is not actually exploited in practice, the number of affected people is not clear.
[[[[This simple back door hack for you …