Brsk Investigates After Hacker Claims Theft of 230,000 Sensitive Files
A threat actor has claimed to have breached the internal network of the British broadband company Brsk, allegedly stealing more than 230,000 files containing confidential data.
British broadband company Brsk says it is investigating a potential data security incident after a hacker claimed to have breached its internal network and stolen more than 230,000 files.
Brsk is a UK-based full-fibre broadband provider that builds and operates its own network to deliver high-speed internet to underserved areas. Its coverage is currently limited to select regions, mainly in central and northern England around cities such as Birmingham, Manchester, and Bradford.
Recently, a threat actor claimed to have breached Brsk’s internal network and listed the company as a victim on its data leak site. The hacker said it is in possession of 230,105 records allegedly stolen from the company and is offering them for sale through a bidding process on Telegram.
🚨 A threat actor is advertising the alleged customer database of BRSK, a UK full-fibre broadband provider. The actor claims the breach includes customer booking and installation records containing full names, email addresses, contact numbers, physical addresses, installation… pic.twitter.com/GuNCNRXjB6
— DarkEye (@darkeye_team) November 21, 2025
According to the hacker’s post, the stolen data allegedly includes customers’ full names, email addresses, home addresses, installation details, location information, phone numbers, and indicators of whether they are classified as vulnerable individuals.
While the company has not published a data security incident notice on its website, in a statement shared with ISPreview, a Brsk spokesperson said that the company is investigating the claims of the threat actor.
“Brsk is investigating an incident involving unauthorised access to one of our customer database systems. We have established that the information involved is limited to basic customer contact information. No financial information, passwords, or account login credentials were affected. At this stage, there is no evidence to suggest that any of the information has been misused.
We understand that incidents of this nature can cause concern, and we are treating this matter with the highest level of seriousness. We have informed affected customers and as an additional precaution, we are offering them 12 months of free personal, financial and web-monitoring services provided by Experian. We have also engaged specialist security partners to assist with our investigation,” the spokesperson added.
Brsk has notified the Information Commissioner’s Office (ICO), the police, and other relevant regulatory authorities, and said it is working with them to resolve the incident as quickly as possible.
Related Articles
Most Viewed
New rules, rising threats: why lean IT teams must rethink cyber-securitySponsored by CORO CYBER SECURITY
Don’t allow AI experiments to become quiet business risksSponsored by alice.io
The Expert View: Reducing cyber-risk across OT and critical infrastructureSponsored by Claroty
Winston House, 3rd Floor, Units 306-309, 2-4 Dollis Park, London, N3 1HF
23-29 Hendon Lane, London, N3 1RT
020 8349 4363
© 2025, Lyonsdown Limited. teiss® is a registered trademark of Lyonsdown Ltd. VAT registration number: 830519543