AT&T investigates claimed sale of 70m customer data dump • The Register

AT&T is investigating claims that hundreds of thousands of its clients’ knowledge are listed on the market on a cybercrime discussion board in what seems to be a re-release from an earlier hack.

“It isn’t unusual for cybercriminals to re-package beforehand disclosed knowledge for monetary acquire,” an AT&T spokesperson instructed The Register. “We simply realized about claims that AT&T knowledge is being made out there on the market on darkish net boards, and we’re conducting a full investigation.”

The info on the market reportedly consists of round 86 million AT&T buyer data, in keeping with HackRead, which first spotted the purloined recordsdata. Whereas the thief claimed the leak concerned 70 million buyer data, HackRead analyzed the information and mentioned it really included about 88 million, of which 86 million are distinctive entries.

The data consists of folks’s dates of delivery, cellphone numbers, e-mail addresses, bodily addresses, and a few 44 million plain-text social safety numbers, which the vendor claims have been initially encrypted.

The stolen data was first listed on the market on Could 15, after which reuploaded on June 3.

Even the vendor says this isn’t from a brand new AT&T breach — however the age and authentic provenance of the information has not been disclosed.

Of their authentic put up, the vendor claimed that the client database was initially swiped final yr, when crooks broke into greater than 165 Snowflake customers’ hosted environments and stole terabytes of information affecting a whole lot of hundreds of thousands of people.

One in all these Snowflake clients was AT&T, and on the time of the breach, an AT&T spokesperson instructed The Register that attackers snatched name and textual content data – particularly the main points round these interactions, not the precise content material – for just under 110 million clients from the compromised cloud storage.

This 110 million determine is considerably bigger than what the digital thief has claimed, so it could possibly be a partial dump from the bigger Snowflake heist.

Additionally final yr: AT&T confirmed that greater than 73 million records belonging to present and former clients and dumped on the darkish net in March 2024 have been legit.

That treasure trove of non-public data allegedly dated again to an excellent earlier knowledge dump, stolen and provided on the market by ShinyHunters in 2021. On the time, AT&T denied that the client knowledge being provided on the market belonged to it. RestorePrivacy, nonetheless, considered the dataset, and spoke to members of ShinyHunters, who mentioned the information belonged to US-based AT&T clients, however would not reveal how they obtained it. 

The variety of stolen data appears a more in-depth match to the 2021 theft. However till AT&T lets us know which beforehand disclosed knowledge breach — if any — is linked to this newest buyer data dump, we cannot know for certain. 

Regardless, in case you’re an AT&T buyer, it is a good suggestion to intently monitor your credit score and hold a watch out for any indication of fraud or id theft.

“With each date of delivery and SSNs being compromised, malicious actors have all the knowledge they should conduct fraud and impersonate AT&T clients,” Thomas Richards, Infrastructure Safety Apply Director at Black Duck, mentioned in an e-mail to The Register. “The unique breach of delicate data from AT&T was sufficient to fret their clients. Now it poses important threat to their identities.” ®