There has been a claimed AT&T hack of individual info from 70 million clients, considerably less than a week just after a verified hack of tens of thousands and thousands of T-Cell buyer records. In the two circumstances, the knowledge contains social stability quantities.
Update: The carrier denied in more robust phrases that it was hacked.
Restore Privateness broke the information.
A nicely-recognised risk actor is offering private facts that was allegedly collected from 70 million AT&T buyers. We analyzed the info and observed it to involve social stability quantities, dates of birth, and other private details. The hacker is asking $1 million for the total database (direct sell) and has furnished RestorePrivacy with distinctive facts for this report.
In the primary write-up that we found on a hacker discussion board, the user posted a compact sample of the details. We examined the sample and it seems to be authentic based on accessible public records. In addition, the person who posted it has a historical past of key information breaches and exploits.
Even though we can’t but verify the data is from AT&T prospects, every little thing we examined seems to be valid. Listed here is the info that is offered in this leak:
E-mail deal with
Social stability number
Date of delivery
Even much more worryingly, the hacker is doing the job on decrypting information that he believes contains person accounts’ PINs.
The site’s Sven Taylor tells me that the sample information he reviewed are way too handful of to say for selected that the resource was AT&T, but the hacker concerned has been verified appropriate about “many significant leaks and breaches,” generating him a credible resource.
AT&T has issued a single-sentence statement that falls perfectly shorter of a categorical denial:
Dependent on our investigation these days, the details that appeared in an internet chat place does not show up to have come from our methods.
Update the Carrier incorporated a additional entire rebuttal:
“Based on our investigation yesterday, the information that appeared in an world-wide-web chat space does not seem to have arrive from our techniques.”
So there was no breach of AT&T?
Based mostly on our investigation, no, we never consider this was a breach of AT&T devices.
Is this AT&T consumer info? Exactly where did it come from?
Given this information and facts did not occur from us, we can not speculate on where by it came from or no matter whether it is legitimate.
The hacker has mentioned he is keen to get to “an agreement” with AT&T to take away the information from sale.
FTC: We use profits earning vehicle affiliate one-way links. More.