Cyber assault on Frontier Communications resulted in the theft of personal data from 751,000 individuals.
In the digital landscape of April 2025, a significant event unfolded when the prominent ransomware-as-a-service (RaaS) group, RansomHub, ceased operations. Known for its high-profile attacks, particularly targeting large corporate victims, RansomHub had been a major player in the cybercrime world, with an average of 75 listed victims each month over six months prior to its shutdown.
One of the most notable victims of RansomHub was Frontier Communications, a major provider of phone and internet services based in Dallas. The company, which calls itself the largest pure-play fiber provider in the U.S., disclosed a cyberattack in April 2021 that exposed the personal data of over 751,000 people to the Maine Attorney General. However, in the latest attack, Frontier Communications reported that they do not expect the incident to have a material impact on their financial results, as stated in an SEC filing.
The nature of the data stolen in the cyberattack linked to RansomHub was not specified. Officials from Frontier Communications were not immediately available for comment regarding any potential repercussions or actions taken in response to the data breach. Frontier detected the attack on April 14 and contained the damage from the incident, which impacted its IT network.
RansomHub's disappearance led to a migration of its operations and affiliates to the DragonForce ransomware group platform and the DragonForce cartel initiative. This move resulted in a noticeable increase in attacks attributed to DragonForce, likely due to the influx of former RansomHub affiliates.
RansomHub's influence was not limited to the U.S. The group, rebranded from Knight ransomware, was linked to approximately 45 cyberattacks globally since early February, according to an analysis by Forescout. One such attack was the Change Healthcare attack, which caused significant disruption to hospitals and prescription drug access across the U.S. for weeks.
The ransomware ecosystem experienced a broader disruption in Q2 2025, with several other dominant RaaS groups also leaving the scene due to law enforcement pressure, takedowns, and operational setbacks. This paved the way for emerging groups like Qilin to rise as new market leaders.
As the digital world continues to evolve, the impact of these cyberattacks and the rise and fall of ransomware groups remain a critical concern for businesses and individuals alike. Stay vigilant and secure your digital assets to protect against potential threats.
- The disappearance of RansomHub, a prominent ransomware-as-a-service group, caused its operations and affiliates to migrate to the DragonForce ransomware group platform, escalating the number of attacks attributed to DragonForce.
- Amidst the broader disruption in the ransomware ecosystem in Q2 2025, where several other dominant ransomware-as-a-service groups discontinued operations, emerging groups like Qilin rose as new market leaders, underscoring the continuous threat of cybersecurity issues in the technology sector.
