Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!).

The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, stealing customer data. WideOpenWest (WOW!) is a US-based telecommunications company that provides broadband internet, cable TV, and phone services. It operates mainly in the Midwest and Southeast regions, serving residential and business customers. WOW! is known for offering high-speed internet and competitive pricing in markets where it competes with larger providers.

The Arkana group recently appeared in the threat landscape, claiming to perform post-pentest services, and offering data security, and risk management services. The ransomware group steals victims’ data to pressure them into paying a “generous fee.”

Arkana claims to have stolen two databases, respectively containing data of 403,000 and 2.2 million accounts. Compromised data includes usernames, passwords, security details, emails, and Firebase integration data.

“We have fully compromised Wide Open West (WOW!), gaining access to highly sensitive customer data and servers. If you don’t act, we will expose and sell this data.” reads the statement published by the group on its Tor leak site.

“Right now, only you and we know about the breach. But if you fail to pay, the breach will go public.
Your infrastructure is a complete disaster—your security is non-existent. The systems are so poorly protected that it’s clear no real effort has been made to secure anything.
It’s a huge failure on your part, and the consequences will be severe.”

Arkana exposes victims and publishes sensitive personal information about the breached organization’s executives on its leak site.

At this time, the group also listed the company Oregon Surveillance Network on the leak site.

Arkana claimed to have breached WOW!’s internal systems, including AppianCloud and Symphonica platforms

“A major cyber attack reaps Wide Open West (WOW!), a leading Internet Service Provider with over 1.5 million customers. Hacker(s) successfully gained full control of WOW! through the compromise of their two key platforms: AppianCloud and Symphonica. This breach has led to the complete takeover of WOW!’s systems, customer-facing devices, and backend servers, putting both customer data and operational infrastructure at significant risk. Attackers now have the ability to manipulate network configurations, customer data, and server code logic, which poses a serious threat to WOW!’s entire customer base including critical infrastructure sectors relying on their services.” continues the statement published by the group. “Attackers now have full control over the WOW! infrastructure, and the full scale of the attack is still unfolding. Millions of customers and corporate clients are potentially affected, with the impact yet to be fully realized.”

WOW! has not yet confirmed the alleged data breach.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, WideOpenWest)