AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.
While BleepingComputer has not been able to confirm the legitimacy of all the data in the database, we have confirmed that some of the entries are accurate, including those whose data is not publicly accessible for scraping.
The data is from an alleged 2021 AT&T data breach that a threat actor known as ShinyHunters attempted to sell on the RaidForums data theft forum for a starting price of $200,000 and incremental offers of $30,000. The hacker stated they would sell it immediately for $1 million.
AT&T told BleepingComputer at the time that the data did not originate from them and that its systems were not breached.
“Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems,” AT&T told BleepingComputer in 2021.
When we told ShinyHunters that AT&T said the data did not originate from them, they replied, “I do not care if they do not admit. I am just selling.”
AT&T continues to tell BleepingComputer today that they still see no evidence of a breach of their systems and still believe that this data did not originate from them.
BleepingComputer asked AT&T whether it was possible the data came from a third-party service provider or vendor but has not received a response at this time.
Alleged AT&T data leaked two years later
Today, another threat actor known as MajorNelson leaked data from this alleged 2021 data breach for free on a hacking forum, claiming it was the data ShinyHunters attempted to sell in 2021.
This data includes names, addresses, mobile phone numbers, encrypted dates of birth, encrypted Social Security numbers, and other internal information.
However, the threat actors have decrypted the birth dates and Social Security numbers and added them to another file in the leak, making those also accessible.
BleepingComputer has reviewed the data, and while we cannot confirm that all 73 million lines are accurate, we verified that some of the data contains correct information, including Social Security numbers, addresses, dates of birth, and phone numbers.
This was done by confirming the leaked data with people I know who were impacted and verifying that many of the listed users have online AT&T accounts.
Furthermore, other cybersecurity researchers, such as Dark Web Informer, who first told BleepingComputer about the leaked data, and VX-Underground, have also confirmed some of the data to be accurate.
At the same time, BleepingComputer could not find data for people known to be AT&T customers in 2021 and earlier. However, this may not be unusual, as their total mobile customer base at the end of 2021 was 201.8 million subscribers, meaning that if this data dump is legitimate, it is only a partial dump.
At this point, it is a mystery where the data came from. However, regardless of where it originated, all signs point to this being data of AT&T customers.
Therefore, if you were an AT&T customer before and through 2021, it is safer to assume that your data was exposed and can be used in targeted attacks, including SMS and email phishing and SIM swapping attacks.
If you receive any SMS texts or phishing emails claiming to be from AT&T, be very careful about providing any information. Instead, contact AT&T directly to confirm that they tried to contact you.
This is a developing story.