The files, more than 600 gigabytes in size, were discovered on Aug. 24 without a password by researchers of Kromtech Security Center, the technology news website reported.
“A vendor has notified us that certain non-financial information of legacy Time Warner Cable customers who used the MyTWC app became potentially visible by external sources,” Charter Communications, Time Warner Cable’s parent, said in an email.
The information was removed immediately after discovery by the vendor and the incident was under investigation, Charter said.
The breach was eventually linked to BroadSoft, a communications company that partners with service providers, including AT&T and TWC, Gizmodo said.
Broadsoft could not be immediately reached for comment.