Threat actors leaked 70,000,000+ records allegedly stolen from AT&T

8 months ago 63
BOOK THIS SPACE FOR AD
ARTICLE AD

Threat actors leaked 70,000,000+ records allegedly stolen from AT&T

Researchers at vx-underground first noticed that more than 70,000,000 records from AT&T were leaked on the Breached hacking forum.

More than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached, vx-underground researchers reported.

Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached. No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from.

Regardless, upon review we can confirm the stolen data is legitimate.

— vx-underground (@vxunderground) March 17, 2024

The researchers confirmed that the leaked data is legitimate, however, it is still unclear if the information was stolen from a third-party organization linked to AT&T.

The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unamed AT&T division by @ShinyHunters in 2021. The archive contains 73.481.539 records.

AT&T

“It should be noted before anyone hits us with an “aktschually” – the data was stolen in 2021. It was leaked online today.” said vx-underground.

It should be noted before anyone hits us with an "aktschually" – the data was stolen in 2021. It was leaked online today.

— vx-underground (@vxunderground) March 17, 2024

In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems.

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including TokopediaHomechefChatbooks.comMicrosoft, and Minted.

In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic.

“While we cannot yet confirm the data is from AT&T customers, everything we examined appears to be valid.” reads the RestorePrivacy website. “Here is the data that is available in this leak:

Name Phone number Physical address Email address Social security number Date of birth”

Below is a screenshot shared by the website:

AT&T

The threat actors claimed that data belonged to AT&T customers in the United States, the group told RestorePrivacy that they were available to support AT&T in securing its systems for a reward.

AT&T denied any data breach, below is the statement from the telecomunication giant:

“Based on our investigation Thursday, the information that appeared in an internet chat room does not appear to have come from our systems,”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)



Read Entire Article