HomeData BreachAT&T confirms knowledge for 73 million prospects leaked on hacker discussion board

AT&T confirms knowledge for 73 million prospects leaked on hacker discussion board

AT&T has lastly confirmed it’s impacted by a data breach affecting 73 million present and former prospects after initially denying the leaked knowledge originated from them.

This comes after AT&T has repeatedly denied for the previous two weeks {that a} huge trove of leaked buyer knowledge originated from them and or that their methods had been breached.

Whereas the corporate continues to say there isn’t any indication their methods have been breached, it has now confirmed that the leaked knowledge belongs to 73 million present and former prospects.

“Based mostly on our preliminary evaluation, the info set seems to be from 2019 or earlier, impacting roughly 7.6 million present AT&T account holders and roughly 65.4 million former account holders,” AT&T mentioned in a assertion shared with BleepingComputer.

The corporate additional says that the security passcodes used to safe accounts have been additionally leaked for 7.6 million prospects. 

In 2021, a menace actor generally known as Shiny Hunters claimed to be promoting the stolen knowledge of 73 million AT&T prospects. This knowledge consists of names, addresses, cellphone numbers, and, for a lot of prospects, social security numbers and beginning dates.

See also  PJ&A says cyberattack uncovered knowledge of almost 9 million sufferers

On the time, AT&T denied that they suffered a breach or that the info originated from them.

Quick ahead to 2024, and one other menace actor leaked the large dataset on a hacking discussion board, stating it was the identical knowledge stolen by Shiny Hunters.

BleepingComputer analyzed the info and decided that it contained the identical delicate info that ShinyHunters claimed was stolen. Nevertheless, not each buyer had their social security quantity or beginning date uncovered by the incident.

Post on hacking forum leaking alleged AT&T data from 2021 breach
Publish on hacking discussion board leaking alleged AT&T knowledge from 2021 breach
Supply: BleepingComputer

AT&T as soon as once more denied that they suffered a breach or that the info originated from them.

Nevertheless, BleepingComputer has spoken to over 50 AT&T and DirectTV prospects because the knowledge was leaked, they usually instructed us that the leaked knowledge comprises info that was solely used for his or her AT&T accounts.

These prospects said that they used the disposable e mail function of Gmail and Yahoo to create DirectTV or AT&T-specific e mail addresses that have been solely used once they signed up for his or her service.

See also  Johnson Controls says ransomware assault value $27 million, information stolen

These e mail addresses have been confirmed not for use on some other platform, indicating that the info needed to have originated from DirectTV or AT&T.

Troy Hunt additionally confirmed comparable info from prospects after the info was added to the Have I Been Pwned data breach notification service.

Nevertheless, after contacting AT&T quite a few occasions with this info, the corporate has not responded to additional emails till immediately.

DirectTV finally instructed BleepingComputer that we would wish to contact AT&T with additional questions as the info predates their spinoff, they usually not have entry to AT&T methods to verify.

As we speak, AT&T instructed BleepingComputer that they’d solely share additional details about the breach of their printed assertion and a brand new web page on maintaining AT&T accounts safe.

The web page on maintaining accounts safe additional discloses that the passcodes for 7.6 million AT&T prospects have been compromised as a part of the breach and have been reset by the corporate.

See also  Free, France’s second largest ISP, confirms data breach after leak

Clients use passcodes to additional safe their AT&T accounts by requiring them to obtain buyer assist, handle accounts at retail shops, or signal into their on-line accounts.

“It has come to our consideration that numerous AT&T passcodes have been compromised,” reads the brand new AT&T advisory.

“We’re reaching out to all 7.6M impacted prospects and have reset their passcodes. As well as, we might be speaking with present and former account holders with compromised delicate private info.”

TechCrunch first reported on the compromised passcodes after being contacted by a researcher who mentioned the leaked knowledge contained encrypted passcodes for tens of millions of customers.

AT&T additional says that the info seems to be from 2019 and earlier and doesn’t comprise private monetary info or name historical past.

The corporate will notify all 73 million former and present prospects in regards to the breach and the subsequent steps they need to take.

AT&T prospects may also use Have I Been Pwned to find out if their knowledge was compromised on this breach.

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular