AT&T Admits Data of 73 Million Account Holders Leaked to Dark Web
Data from roughly 7.6 million current account holders and 65.4 million former account holders were released on the dark web, AT&T said.
Telecom giant AT&T disclosed on Saturday that data from some 73 million current and former account holders has been leaked onto the “dark web” and the incident is under investigation.
AT&T said it had reset passcodes for 7.6 million current account holders affected by the leak.
“We will be reaching out to individuals with compromised sensitive personal information separately and offering complimentary identity theft and credit monitoring services,” the company said in a statement.
AT&T said it hasn’t found any evidence of unauthorized access to its systems that resulted in data being stolen and that it has launched a “robust” investigation into the incident with the help of outside cybersecurity experts.
“Our internal teams are working with external cybersecurity experts to analyze the situation,” the company said in a statement. “To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history.”
It’s unclear if the leaked data originated from AT&T or one of the company’s vendors.
AT&T said the incident has not had a material impact on its operations.
‘The Impact Is Significant’
The threat actor was trying to auction off the data on a hacking forum, according to BleepingComputer, with a starting price of $200,000 while offering to sell it immediately for $1 million.
Mr. Hunt said that what the hacker was advertising as around 70 million records actually had 73.5 million lines, including 49.1 million unique email addresses, 44 million Social Security numbers, and 43.5 million dates of birth.
He said it’s inconclusive whether the data originated from AT&T or a third-party, but insisted that he had proved “with sufficient confidence, that the data is real and the impact is significant.”
“We have no indications of a compromise of our systems. We determined in 2021 that the information offered on this online forum did not appear to have come from our systems,“ Mr. Stokes told the outlet in a statement. ”This appears to be the same dataset that has been recycled several times on this forum.”
Please Donate Below To Support Our Ongoing Work To Defend The Scientific Method
PRINCIPIA SCIENTIFIC INTERNATIONAL, legally registered in the UK as a company 
incorporated for charitable purposes. Head Office: 27 Old Gloucester Street, London WC1N 3AX.
Trackback from your site.
Tom
| #
Yeppers…everything’s hackable.
Reply
Howdy
| #
Depends how hard a network needs to be, Tom. Cost, ease of maintenance, or administration, appears to be a large driving force in security appliances and firewalls.
That is not congruous to max defence, but allways a compromise.
Effectiveness vs good enough, but there is no such thing as good enough where security is concerned.
Say a perimeter device protects a ‘trusted’ network. Once that perimeter is breached, the network is not trusted, nor was it ever. Trust, and security do not work for me when based on automated rule sets in particular.
Reply
John Thomas Bakkila
| #
I have AT&T.
I noticed the service interuptions (more than one) weeks before anything was reported, and also was notified weeks before anything was reported. The first interruption resulted in me getting unlimited hotspot service for 2 weeks. The second interruption happened the next night at the exact same time for nearly the same amount of time. It was then that I knew they were most likely upgrading equipment. This may also have been a vulnerable time for attackers.
Just my observation.
Reply