AT&T Data Breach: 73 Million Customers' Information Leaked, Company Confirms
AT&T has
confirmed a data breach impacting 73 million current and former customers,
despite initially denying that the leaked data originated from their systems.
This confirmation comes after AT&T
repeatedly denied any involvement in a significant leak of customer data over
the past two weeks, maintaining that their systems had not been breached.
While AT&T insists there is no
evidence of a breach, they have now verified that the leaked data belongs to 73
million current and former customers. "Based on our initial analysis, the
data set appears to be from 2019 or earlier, affecting approximately 7.6
million current AT&T account holders and around 65.4 million former account
holders," AT&T stated in a communication shared with SecureXplore.
Additionally, the company disclosed
that security passcodes used to secure accounts were exposed for 7.6 million
customers.
In 2021, an entity called Shiny
Hunters claimed to be selling the stolen data of 73 million AT&T customers,
including names, addresses, phone numbers, and, for many, social security
numbers and birth dates. AT&T initially denied any breach or data
originating from them. However, in 2024, another threat actor leaked the same
dataset on a hacking forum, asserting it to be the data stolen by Shiny
Hunters.
Upon analysis by SecureXplore, it
was found that the data contained the sensitive information claimed by Shiny
Hunters, though not every customer had their social security number or birth
date exposed. AT&T once again denied any breach or data origin.
Nevertheless, interviews conducted
by SecureXplore with over 50 AT&T and DirecTV customers post-leak confirmed
that the leaked data contained information specific to their AT&T accounts.
These customers used disposable email addresses from Gmail or Yahoo exclusively
for DirecTV or AT&T services.
This suggests that the data must
have originated from DirecTV or AT&T. Troy Hunt also confirmed similar
details from customers post-data addition to the Have I Been Pwned service.
Despite multiple attempts to reach out to AT&T with
this information, the company only responded today, stating that further
details would be shared via their published statement and a new page dedicated
to securing AT&T accounts.
The
security advisory page revealed that passcodes for 7.6 million AT&T
customers were compromised and reset by the company. Passcodes are crucial for
enhancing the security of AT&T accounts, required for customer support,
retail store transactions, or online account access.
"We've
become aware of compromised AT&T passcodes," reads the updated
AT&T advisory. "We're contacting all 7.6 million affected customers
and have reset their passcodes. Additionally, we'll be reaching out to current
and former account holders with compromised sensitive personal
information."
TechCrunch
initially reported on the compromised passcodes after being alerted by a
researcher who stated that the leaked data contained encrypted passcodes for
millions of users.
Furthermore,
AT&T asserts that the data appears to be from 2019 or earlier and does not
include personal financial information or call records. The company pledges to
notify all 73 million former and current customers about the breach and the
necessary steps to be taken.
AT&T
customers can also use Have I Been Pwned to determine if their data was
compromised in this breach.
Comments
Post a Comment