A newly surfaced ransomware group known as Arkana Security has claimed responsibility for a cyberattack on US telecommunications company WideOpenWest (WOW!). The group alleges it compromised critical internal systems and stole sensitive customer data, marking its first publicized attack. This follows the recent attack on Numotion by another ransomware gang, Black Basta.
Operating under the guise of penetration testers, Arkana claims it targets companies by exploiting corporate vulnerabilities. However, their tactics mirror those of typical ransomware groups — using stolen data to pressure victims into paying a ransom. According to Arkana, they infiltrate systems, steal confidential information, and then threaten to publish or sell the data unless a fee is paid.
The group runs a Tor-based leak site where it names victims and publishes sensitive information to increase extortion pressure. In WOW!’s case, Arkana has also reportedly engaged in doxxing — sharing personal details of the company’s leadership team to further escalate their threats.
WOW! serves nearly two million customers across 19 markets, including Michigan, Alabama, Tennessee, South Carolina, Georgia, and Florida, offering cable, broadband, phone, and internet services. This week, Arkana listed WOW! as its first confirmed victim on their leak site.
Arkana claims it infiltrated WOW!’s AppianCloud environment and gained full control over its Symphonica system — key components in managing customer services and operations. With such elevated access, the group suggests they could manipulate backend code, deploy malware on user devices, tamper with billing records, and even interfere with financial transactions.
The ransomware gang further claims to have exfiltrated two major customer databases from WOW!’s systems. One database reportedly holds 403,000 accounts, while the second contains 2.2 million records. The stolen information allegedly includes usernames, account IDs, encrypted passwords, security details, emails, user permissions, and Firebase integration data.
Cybersecurity experts warn that if Arkana’s claims are accurate, the fallout could be severe for WOW!. According to SOCRadar, the breach could trigger significant reputational damage, legal challenges, and regulatory scrutiny. More critically, the exposure of customer data might erode trust and force the telecom company to invest heavily in remediation and upgraded cybersecurity defenses to prevent further incidents.
As of now, WOW! has not officially confirmed the breach or provided public comments regarding the alleged ransomware attack.
