On January 4, 2026, the Crimson Collective threat group publicly claimed via Telegram to have breached Brightspeed (a major US fiber broadband provider) and stolen records for over 1 million residential customers. The group shared screenshots and small data samples as purported proof. Claimed stolen data includes full PII — names, emails, phone numbers, billing/service addresses, account status, network type, and billing system data. Brightspeed opened a cybersecurity investigation but as of mid-January 2026 had not confirmed data exfiltration or a production system compromise. A class action lawsuit was filed January 7, 2026. Crimson Collective also allegedly threatened to disconnect Brightspeed customers. The breach remains unconfirmed by the company.