HQ/EMEAFind out how we can help your business
AT&T recently disclosed a whopping 51 million past and present customers about a data breach that exposed their details on a dark web forum. However, the company has not revealed how the threat actors acquired the stolen data.
This breach is related to a substantial leak of AT&T customer data on the ‘BreachForums’ hacking forum, which initially appeared for $1 million in 2021. Based on reports, the threat actor ShinyHunters initially listed the data for sale, but AT&T denied any connection with the selling after it stated that its systems were intact.
Moreover, this US telecommunication company continued to deny any hacking allegations despite another threat actor named ‘MajorNelson,’ who leaked their entire dataset last month.
AT&T finally confirmed the data leak after numerous researchers found new evidence of the attack.
Although over 70 million individuals were affected by the leak, AT&T confirms that it directly impacted 51,226,382 customers. However, the compromised information varied per account, potentially including full names, email addresses, phone numbers, and social security numbers.
Personal financial data and call histories seem to be untouched. The breach appears to date back to June 2019 or earlier.
AT&T clarified the difference in impacted customers, citing multiple accounts held by some individuals in the dataset. Still, the company has not disclosed how the actors stole the data or why it took nearly five years to admit the breach and notify customers.
Despite claiming they first learned of the breach in March 2024, inquiries from various researchers date back way before March this year, and a threat actor has already offered the data in 2021.
On the other hand, AT&T offers one year of identity theft protection plus credit monitoring services through a third-party provider. Still, researchers claimed the offer is too late to prevent exploitation.
Customers should still take the deal, as the enrollment deadline is August 30, 2024.
Given the breach’s timeline, cybercriminals have had sufficient time to use the data for malicious purposes and potentially target affected AT&T customers. Furthermore, the leak’s dissemination within the cybercrime community significantly increases the risk for every customer.
In response to this security lapse and the delayed acknowledgement, AT&T faces multiple class-action lawsuits from various customers. Experts advise other customers to be cautious with unsolicited communications and monitor their accounts and credit reports closely, as the threat actors may have already used the primary stolen data for creating fraudulent activities and phishing attempts.
