More than four million records of users of Time Warner Cable's MyTWC app were found unsecured on an Amazon server last month, digital security research centre Kromtech Security Center said in a blog post on Friday.
The files — more than 600GB in size containing sensitive information such as transaction ID, user names, Mac addresses, serial numbers, account numbers — were discovered on 24 August without a password by researchers of Kromtech.
"A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources," Charter Communications Inc
The information was removed immediately after the discovery and the incident is being investigated, Charter said.
The breach was eventually linked to BroadSoft,
Broadsoft did not immediately respond to a request for comment.
(Reporting by Laharee Chatterjee and Arjun Panchadar in Bengaluru; Editing by Shounak Dasgupta and Sriraj Kalluvila)