After T-Mobile in the USA, the top dog AT&T is also threatened with a security debacle due to an apparently massive data breach. The bustling hacker group ShinyHunters offers private data allegedly from 70 million AT&T customers in an underground forum. According to an analysis, these include social security numbers, which are traded as ID substitutes in the USA, names, addresses and dates of birth as well as e-mail addresses and telephone numbers. The strangers are asking for $ 1 million for the entire database.
Prehistory with extensive leaks
With the original posting in the hacker forum, The online portal “Restore Privacy” first reported on it, the gang initially only provided a relatively small sample of the allegedly captured data. The sample records appear to be authentic from the report as they are based on available public records.
The ShinyHunters also have a long history with extensive data leaks. In January, for example, they offered personally identifiable information from over 77 million Nitro PDF accounts, but for the symbolic price of $ 3. The gang was also behind publications from other previous data breaches, including Microsoft, Tokopedia, Pixlr, Mashable and Minted.
Data from various sources
The hackers told the portal that all data comes from AT&T customers in the United States. They didn’t want to explain how they got the information. It should also contain three encrypted data series, whereby the first two are the social security numbers and the dates of birth. The third party could be user PINs. With the information for sale, those affected face increased risks for identity theft, phishing attempts, social engineering attacks, hacked accounts and social security fraud.
AT&T has rejected the allegations: Own investigations have shown that “the information that has turned up in an Internet chat room, apparently does not come from our systems,” a spokesman told “Restore Privacy”. But there was no talk of a chat platform. In addition, it is also possible that the information offered for sale does not come directly from an IT attack on the telecommunications company’s databases, but was stolen from various sources.
Company “does not believe” in “a direct leak”
In response to further inquiries, AT&T said that they did not believe that there had been a direct leak in their own information systems. Since the company did not provide any relevant information, one could not speculate about where the data came from and whether it was up-to-date. ShinyHunters says AT&T will “deny it until I leak everything”. He is ready to take the offer from the market if AT&T strives for a corresponding “agreement”.
Earlier this week it became known that T-Mobile USA was also struggling with a massive leak. The subsidiary of Deutsche Telekom has since confirmed that sensitive data is affected by 7.8 million customers. According to reports the company is now threatened with a class action lawsuit in a court in Washington because of the security breach.