In early January 2026, fiber-broadband provider Brightspeed opened a cybersecurity investigation after a group calling itself Crimson Collective claimed via Telegram (4 January) to have stolen data on more than 1 million customers, sharing screenshots and small samples as purported proof. The claimed data included account master records — names, emails, phone numbers, billing and service addresses and account metadata — with the group alleging payment histories and masked card details may have been accessed. As of mid-January the company had not confirmed exfiltration or a production-system compromise; the claims remained unverified, and class actions followed. We cover how to assess unverified extortion claims.

Unsure whether a leak claim against you is real? Visit  ...