AT&T, the American telecommunications giant, has confirmed to Restore Privacy that it is investigating claims about a data breach impacting its customers.
This is in response to a January 6 post on the hacking forum Breached, where a user claimed to hold an AT&T database containing the information of 37,000,000 subscribers.
The threat actor published a hefty sample of five million lines, including the subscribers’ names, ZIP codes, email addresses, phone numbers, device details, contract details, and more.
Source: RestorePrivacy.com
The seller of the alleged AT&T database is willing to discuss offers of a five-digit sum of XMR (Monero), which is currently worth about $150. This means the asking price is at least $1,500,00.00
A threat actor with the email addresses, phone numbers, names, and the rest of the leaked information could perform phishing, social engineering, and scamming against the exposed individuals.
The seller of the data claims the set was stolen from AT&T during a network intrusion by a new group named ‘Endurance Ransomware,’ which has previously claimed breaches against a number of government and military organizations in the United States.
Source: RestorePrivacy.com
Typically, samples of data stolen by Endurance end up on Breached, where they are put up for sale, so the group operates more as an extortion group. It’s unknown if Endurance performs file encryption, as none of their past attacks were associated with service outages on the claimed victims.
AT&T has not confirmed yet if the leaked data belongs to its clients or if it might be the product of a new data breach or just a republishing of an old leak.
Instead, the ISP noted that the set does not contain sensitive details like credit card information, Social Security Numbers, account passwords, and device ID numbers.
In August 2022, 3.6 GBs of data allegedly belonging to 28.5 million AT&T clients leaked on the dark web, and analysis showed that the information was real.
The telecommunications service provider responded to the situation by saying that the data belonged to its customers, but denied having suffered a breach. Instead, AT&T said it might have been sourced by a breach on another company.
Big organizations like AT&T, with over 200 million subscribers, indeed have massive data overlaps with similarly large companies. Hence, a breach on any of them inevitably contains personal information of the customer base of the other.
Restore Privacy will continue to follow this leak closely, and we will update this article with new statements from AT&T as soon as the company’s internal investigation has been concluded.
WhatsApp Adds Proxy Support to Help Users Bypass Blocks
Att should be criminally held liable for this data breech that happened 3 years ago. It has now come out that everyones information has shown up on the black web including my information. They obviously tried to hide the breech, I now have to lock down all credit, change all passwords along with several other things and hope that I can lock down faster then the criminals. If this had been know 3 years ago, it probably wouldn’t require everything I need to do now.
phone setting have been changed…apps have changed they know everything I do ….ask me for money