US firm ATT says data of 73 million customers leaked on dark web Telecommunications News Al Jazeera
Personal information belonging to millions of past and present AT&T customers has been leaked online, including Social Security numbers (SSNs), passcodes and contact details, the multinational company says.
In a statement on Saturday, the telecommunication network – the largest in the United States – said a recently discovered dataset on the “dark web” contained information for about 7.6 million current AT&T account holders and 65.4 million former users, totalling about 73 million affected accounts.
KEEP READING
list of 4 items
list 1 of 4
Mobile telecommunications outages reported in several US cities
list 2 of 4
Nearly half of Australia cut off from telecom network causing chaos
list 3 of 4
Pentagon confirms intelligence sharing with Japan despite hacking rumours
list 4 of 4
Disbelief in Kenya over alleged Chinese cyberattack on gov’t data
end of list
It is not known if the breach “originated from AT&T or one of its vendors”, the company said.
“To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history,” the statement added.
All 7.6 million existing account holders whose sensitive personal information was compromised were set to be notified about the breach AT&T. The company said it had already reset passcodes and was investigating the incident.
Thanks for reaching out. A number of AT&T passcodes have been compromised. Our teams are working with external cybersecurity experts to analyze the situation and we have reset passcodes. Learn more: https://t.co/tOZWNMOBen.
— AT&T (@ATT) March 31, 2024
In addition to passcodes and SSNs, the hacked data possibly included email and mailing addresses, phone numbers and birth dates, AT&T added.
Reports of the breach first surfaced on a hacking forum nearly two weeks ago. It is unclear if the leak is linked to a similar breach in 2021 that was widely reported but that AT&T did not acknowledge.
Sign up for Al Jazeera
Americas Coverage Newsletter
US politics, Canada’s multiculturalism, South America’s geopolitical rise—we bring you the stories that matter.
E-mail address
Subscribe
By signing up, you agree to our Privacy Policy
protected by reCAPTCHA
A hacker at the time claimed to have access to data of 70 million AT&T customers, including their names, addresses, phone numbers, SSNs, and date of birth.
Auction data on a hacking forum revealed the hacker attempted to sell the stolen information for thousands of dollars.
“If they assess this and they made the wrong call on it, and we’ve had a course of years pass without them being able to notify impacted customers” then it’s likely the company will soon face class action lawsuits, cybersecurity expert Troy Hunt told The Associated Press news agency.
Troy, the creator of Have I Been Pwned? – a website that alerts subscribers to data breaches – said in a blogpost at least 153,000 of his customers were affected.
The Dallas-based company faced challenges earlier in February after an outage temporarily knocked out mobile phone service for thousands of users.
AT&T blamed the incident on a technical coding error, not a malicious attack. Other networks were also affected, but AT&T appeared to be the hardest hit.
In a statement on Saturday, the telecommunication network – the largest in the United States – said a recently discovered dataset on the “dark web” contained information for about 7.6 million current AT&T account holders and 65.4 million former users, totalling about 73 million affected accounts.
KEEP READING
list of 4 items
list 1 of 4
Mobile telecommunications outages reported in several US cities
list 2 of 4
Nearly half of Australia cut off from telecom network causing chaos
list 3 of 4
Pentagon confirms intelligence sharing with Japan despite hacking rumours
list 4 of 4
Disbelief in Kenya over alleged Chinese cyberattack on gov’t data
end of list
It is not known if the breach “originated from AT&T or one of its vendors”, the company said.
“To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history,” the statement added.
All 7.6 million existing account holders whose sensitive personal information was compromised were set to be notified about the breach AT&T. The company said it had already reset passcodes and was investigating the incident.
Thanks for reaching out. A number of AT&T passcodes have been compromised. Our teams are working with external cybersecurity experts to analyze the situation and we have reset passcodes. Learn more: https://t.co/tOZWNMOBen.
— AT&T (@ATT) March 31, 2024
In addition to passcodes and SSNs, the hacked data possibly included email and mailing addresses, phone numbers and birth dates, AT&T added.
Reports of the breach first surfaced on a hacking forum nearly two weeks ago. It is unclear if the leak is linked to a similar breach in 2021 that was widely reported but that AT&T did not acknowledge.
Sign up for Al Jazeera
Americas Coverage Newsletter
US politics, Canada’s multiculturalism, South America’s geopolitical rise—we bring you the stories that matter.
E-mail address
Subscribe
By signing up, you agree to our Privacy Policy
protected by reCAPTCHA
A hacker at the time claimed to have access to data of 70 million AT&T customers, including their names, addresses, phone numbers, SSNs, and date of birth.
Auction data on a hacking forum revealed the hacker attempted to sell the stolen information for thousands of dollars.
“If they assess this and they made the wrong call on it, and we’ve had a course of years pass without them being able to notify impacted customers” then it’s likely the company will soon face class action lawsuits, cybersecurity expert Troy Hunt told The Associated Press news agency.
Troy, the creator of Have I Been Pwned? – a website that alerts subscribers to data breaches – said in a blogpost at least 153,000 of his customers were affected.
The Dallas-based company faced challenges earlier in February after an outage temporarily knocked out mobile phone service for thousands of users.
AT&T blamed the incident on a technical coding error, not a malicious attack. Other networks were also affected, but AT&T appeared to be the hardest hit.