March 18, 2024 at 12:51PM
Over 70 million records stolen from AT&T in 2021 were recently dumped on a cybercrime forum. The files contain personal information such as names, Social Security Numbers, and addresses. Despite initial denials, an underground source confirmed the legitimacy of the data. This breach follows a previous admission of a hack affecting 9 million wireless customers in 2023. AT&T denies a compromise of their systems.
Based on the meeting notes provided, it appears that more than 70 million records were allegedly stolen from AT&T in 2021 and were subsequently dumped on a cybercrime forum. The stolen files contain a range of personal information including names, Social Security Numbers, dates of birth, addresses, emails, and phone numbers. It was claimed by Dark Web Informer that the stolen data is legitimate, and later confirmed by VX-Underground.
In August 2021, the group ShinyHunters claimed to have accessed private details of 70 million AT&T customers and attempted to sell the database for $1 million. However, AT&T denied the legitimacy of the stolen data at that time.
Subsequently, in January 2023, it was confirmed that miscreants had accessed the account information of about 9 million wireless customers, with the stolen records including customer proprietary network information. An AT&T spokesperson explained that the data was several years old and mostly related to device upgrade eligibility.
Despite these breaches, AT&T has maintained that there are no indications of a compromise of their systems and has stated that the same dataset has been recycled multiple times on online forums. AT&T, however, did not immediately respond to The Register’s request for comment.