AT&T Says Data From 73 Million Current and Former Account Holders Leaked on Dark Web
AT&T Says Data From 73 Million Current and Former Account Holders Leaked on Dark Web

By Tom Ozimek

Telecom giant AT&T disclosed on May 30 that data from about 73 million current and former account holders has been leaked onto the “dark web” and the incident is under investigation.

In a March 30 announcement, AT&T said that data from roughly 7.6 million current account holders and 65.4 million former account holders were released on the dark web about two weeks ago.

The company said in a separate notice that the data set seems to be from 2019 or earlier and, while the type of information compromised varies by customer and account, it may include passcodes, full name and email address, home address, phone number, date of birth, and Social Security numbers.

AT&T said it had reset passcodes for 7.6 million current account holders affected by the leak.

“We will be reaching out to individuals with compromised sensitive personal information separately and offering complimentary identity theft and credit monitoring services,” the company said in a statement.

AT&T said it hasn’t found any evidence of unauthorized access to its systems that resulted in data being stolen and that it has launched a “robust” investigation into the incident with the help of outside cybersecurity experts.

“Our internal teams are working with external cybersecurity experts to analyze the situation,” the company said in a statement. “To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history.”

It’s unclear if the leaked data originated from AT&T or one of the company’s vendors.

AT&T said the incident has not had a material impact on its operations.

It’s also unclear if the data relates to a claim made in 2021 by a hacker known as ShinyHunters with a long history of compromising websites who claimed to have obtained a trove of AT&T data impacting 71 million people.

‘The Impact Is Significant’

The threat actor was trying to auction off the data on a hacking forum, according to BleepingComputer, with a starting price of $200,000 while offering to sell it immediately for $1 million.

At the time, AT&T told BleepingComputer that the information the hacker was trying to auction off did not come from its systems.

Troy Hunt, a security researcher, recently said in a blog post that he had obtained the full data set and concluded that the data pertains to AT&T customers by contacting some of them to verify its accuracy.

Mr. Hunt said that what the hacker was advertising as about 70 million records actually had 73.5 million lines, including 49.1 million unique email addresses, 44 million Social Security numbers, and 43.5 million dates of birth.

He said it’s inconclusive whether the data originated from AT&T or a third-party, but insisted that he had proved “with sufficient confidence, that the data is real and the impact is significant.”

AT&T spokesperson Stephen Stokes told TechCrunch that the data doesn’t appear to have come from its systems.

“We have no indications of a compromise of our systems. We determined in 2021 that the information offered on this online forum did not appear to have come from our systems,“ he told the outlet in a statement. ”This appears to be the same dataset that has been recycled several times on this forum.”

The latest development involving AT&T comes about a month after the telecom giant suffered a 12-hour-long outage to its U.S. cellphone network.

NH POLITICIAN is owned and operated by USNN World News Corporation, a New Hampshire based media company specializing in the collection, publication and distribution of public opinion information, local,...