2023-03-27 Level 3 Parent, LLC Cybersecurity Incident

Page last updated on April 11, 2024

Level 3 Parent, LLC initially disclosed a cybersecurity incident in an SEC 8-K filing on 2023-03-27 08:04:57 EDT.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2023-03-27
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)


8-K filed on 2023-03-27

Level 3 Parent, LLC filed an 8-K at 2023-03-27 08:04:57 EDT
Accession Number: 0001193125-23-079847

Item 8.01 Other Events.

Note from BCS: this filing contains two incidents

Cybersecurity Incidents

On March 27, 2023, Lumen announced two cybersecurity incidents. First, last week the Company discovered that a malicious intruder had inserted criminal ransomware into a limited number of the Company’s servers that support a segmented hosting service. This intrusion is currently degrading the operations of a small number of the Company’s enterprise customers. Second, the Company’s recent implementation of enhanced security software has led to its discovery that a separate sophisticated intruder accessed a limited number of the Company’s internal information technology systems, including conducting reconnaissance of these systems, installing malware and extracting a relatively limited amount of data. Based on its ongoing investigations described below and information known at this time, the Company does not believe the incidents have had or will have a material adverse impact on its ability to serve its customers or its business, operations, or financial results.

Following these incidents, the Company took a series of measures to assess, contain and remediate the incidents in accordance with its long-standing cybersecurity protocols. The Company’s initial steps to safeguard the integrity of its information technology systems included (i) working with outside forensic firms to contain the incidents and (ii) implementing business continuity plans to restore functionality to its customers’ operational and business systems. In addition, Lumen notified law enforcement and regulatory authorities and impacted customers, launched investigations, and took additional steps to safeguard the Company’s systems.

The Company continues to evaluate potential responses to the ransomware attack. In addition, the Company is continuing to assess the potential impact of both events, including whether any personally identifiable or other sensitive information has been exfiltrated. Lumen continues to work with several external advisors, impacted customers and relevant authorities to assess and mitigate the impacts from these incidents.

For additional information on the Company’s cybersecurity risks, policies, insurance and procedures, see Item 1.A. “Risk Factors -Business Risks” and Item 1. “Business - Our Network” in the Company’s Annual Report on Form 10-K for the fiscal year ended December 31, 2022, filed on February 23, 2023.

Corrections to Offering Memorandum

In several instances, the Offering Memorandum incorrectly states that the equity of Global Crossing Telecommunications, Inc. (an indirect, wholly-owned subsidiary of Level 3 Financing) would be pledged to secure the New Notes. While Global Crossing Telecommunications, Inc. will be a guarantor of the New Notes upon receipt of requisite regulatory approvals, as stated in the Offering Memorandum and is a guarantor of Level 3 Financing’s existing credit agreement (the “Existing Credit Agreement”) and existing secured notes (the “Existing Secured Notes”), the equity of Global Crossing Telecommunications, Inc. will not be pledged as collateral to secure the New Notes (and is not pledged as part of the collateral package securing the Existing Credit Agreement and the Existing Secured Notes).

As stated in the Offering Memorandum, the New Notes will be (i) secured by the same collateral that secures, and on the same senior lien basis as, the Existing Credit Agreement and the Existing Secured Notes and (ii) guaranteed by the same entities that guarantee, and on the same unsubordinated and secured basis as, the Existing Credit Agreement and the Existing Secured Notes, in each case subject to the receipt of the regulatory approvals described in the Offering Memorandum. In addition, the indenture governing the New Notes will contain restrictive covenants and events of default with respect to the New Notes substantially similar to those applicable to the Existing Credit Agreement and the Existing Secured Notes.

In addition, inconsistent statements were made in the Offering Memorandum regarding the minimum denominations of the New Notes. The New Notes will be issued in minimum denominations of $2,000 principal amount and integral multiples of $1,000 principal amount in excess thereof.

Company Information

NameLevel 3 Parent, LLC
SIC DescriptionTelephone Communications (No Radiotelephone)
CategoryNon-accelerated filer
Fiscal Year EndDecember 30