AT&T Confirms Knowledge Breach Affecting 73 Million Present and Former Clients

AT&T revealed over the weekend that the info of 73 million prospects, together with social safety numbers, had been compromised in an information breach—a hack some media retailers state was reported back in 2021.

In a statement posted to its web site, AT&T stated {that a} latest information set launched on the darkish internet roughly two weeks in the past contained information from its prospects. Presently, it’s not clear whether or not the hackers had been capable of breach AT&T techniques or these belonging to one among its distributors, the corporate added. The info obtained by the hackers contained social safety numbers, electronic mail addresses, cellphone numbers, dates of beginning, AT&T account numbers, and AT&T passcodes.

Of the 73 million individuals affected, 65.4 million had been former AT&T prospects. Within the case of the 7.6 million present prospects, AT&T has automatically reset their passcodes. Passcodes are four-digit codes utilized by AT&T prospects so as to add an additional layer of safety to their accounts, along with their passwords, and are offered throughout some operations comparable to calling customer support. Clients whose passcodes have been reset have been contacted by AT&T.

Moreover, AT&T defined that the info set appeared to include info from 2019 or earlier. In its assertion, AT&T indicated that it might be taking measures to assist these probably affected, comparable to providing complimentary identification theft and credit score monitoring providers.

“Presently, AT&T doesn’t have proof of unauthorized entry to its techniques leading to exfiltration of the info set,” the company said. “The corporate is speaking proactively with these impacted and can be providing credit score monitoring at our expense the place relevant.”

AT&T can be reaching out to present and former prospects whose info was included within the information breach. The corporate suggested prospects anxious about account safety to observe their account exercise and credit score studies.

Notably, the info set concerned within the breach might have been on the darkish internet for a while, in line with Bleeping Computer. The outlet studies that in 2021, a hacker referred to as Shiny Hunters presupposed to be promoting the stolen information of 73 million AT&T prospects, which included names, addresses, cellphone numbers, and beginning dates, amongst others. At the moment, Shiny Hunters tried to promote the info for $200,000 and incremental affords of $30,000. AT&T denied that its system had been breached in response to Bleeping Laptop in 2021.

In mid-March, the hacker MajorNelson uploaded the info set obtained by Shiny Hunters as soon as extra, Bleeping Laptop reported. Bleeping Laptop and other cybersecurity researchers have purportedly confirmed that no less than a few of the buyer information included within the breach is correct.

In contrast to the breach in 2021, which the unique hacker Shiny Hunters tried to promote, MajorNelson seems to have leaked the info on-line free of charge.

In a screenshot shared by @DarkWebInformer, the hacker consists of the archive password for the info and says “Get pleasure from,” together with a smiling face emoji.