In brief: After spending two weeks repeatedly denying that a massive cache of data belonging to 73 million people came from the company, AT&T has now confirmed that it originates from current and former customers. The information contains full names, email addresses, mailing addresses, phone numbers, social security numbers, birth dates, AT&T account numbers, and four-digit pin passcodes.
When the massive trove of data was posted for sale on a cybercrime forum early this month, AT&T said it did not originate from its systems, even though the poster said it was stolen from a 2021 breach of the telecommunications giant.
AT&T says there is still no indication their systems were breached. However, the company has now confirmed that the data belongs to 7.6 million current customers and 65.4 million former customers. According to a statement, it is not yet known whether the data in those fields originated from AT&T or one of its vendors.
The reason so many former customers have been impacted is due to the data set apparently dating from 2019 or earlier.
BleepingComputer reports that this might not be the first time this data has been put up for sale. In 2021, a hacker known as Shiny Hunters claimed to be selling the stolen data of 73 million AT&T customers for a starting price of $200,000. It included names, addresses, phone numbers, social security numbers, and birth dates. AT&T at the time denied it came from the company.
Source: BleepingComputer
TechCrunch first reported on the compromised passcodes being part of the data set after the publication was contacted by a security researcher. They are encrypted, but the researcher indicated that cracking the encryption was unnecessary to access the passcode data.
AT&T said it has now launched an investigation supported by internal and external cybersecurity experts. It is contacting all of the 7.6 million current customers who have been impacted and resetting their passcodes. The former customers whose personal information appears in the data set are also being contacted. The company will be offering credit monitoring at its expense where available.
Masthead: Mike Mozart