70 Million AT&T Records Found on Hacker Forum
Over the past weekend, an immense database containing more than 70 million records, purportedly stolen from the American telecommunications behemoth AT&T in 2021, was discovered on a cybercriminal forum.
According to Dark Web Informer, who first reported the incident, the stolen files encompass a vast array of the company’s customers’ personal information: from names, social security numbers, and dates of birth to addresses, emails, phone numbers, and other personal details. The exact count of records in the dump is 73,481,539 lines.
VX-Underground experts have stated that independent verification confirmed the authenticity of these data, affirming that they indeed belong to current AT&T customers.
In August 2021, the criminal group ShinyHunters claimed to have accessed the private information of 70 million AT&T customers and attempted to sell this database in an auction format, with the starting price of the leaked database beginning at $200,000 and a ceiling set at $1 million.
This time, it appears that this data archive has been made publicly available for unlimited access and is being distributed entirely for free, granting access to anyone interested, not just millionaires with nefarious intentions.
Regarding AT&T’s official stance on this issue, the company had vigorously denied any leak in 2021, claiming that the published information did not originate from its systems and that no breach had been detected by its specialists.
In response to recent claims of a potential data leak, AT&T has reiterated that it “has not observed any signs of system compromise,” which is unsurprising if the data is outdated.
Regardless, if the information in the dump is indeed authentic and now freely available to any hacker, AT&T customers who were with the company at the time of the original leak must now exercise heightened vigilance against fraud, as any leaked information can be exploited by anyone for malicious purposes.
This incident raises questions about the security and privacy of personal data, as well as how companies protect their customers’ information from unauthorized access.