Cybersecurity NewsNews

AT&T Under Heat as a Hacker Allegedly Exposed Its Sensitive Data


Today’s news report an alleged successful breach of AT&T digital system. The threat actor, who calls himself ‘Major Nelson’ posted on the Darkweb that he successfully breached and exposed data from the firm with a jaw-dropping number of records allegedly available. He is currently offering all the data for sale.

70 Million AT&T Customers Data At Risk

In the original post on a hacker forum, the user posted a relatively small sample of the data. We examined the sample, which appears authentic based on available public records. Additionally, the user who posted it has a history of major data breaches and exploits, as we’ll examine more below.

Back in 2021, AT&T denied the initial breach to RestorePrivacy. However, RestorePrivacy looked into the data and confirmed it looked authentic with lots of recognizable evidence. This doesn’t look good for the tech giant at the moment. While we cannot yet confirm if the data is from customers, everything we examined appears to be valid.

According to the threat actor’s post, it claims to have about 70M AT&T databases from 2021.  The hacker claims the data shows SSN, DOB, Full Names, Phones, Addresses, Emails, and other info from the database with a staggering record figure of 73,481,539.

Furthermore, with such a bold claim, this attack’s massive impact on AT&T and its users will be unforgettable. Moreover, the threat actor revealed to have the login details and password to access the breached data.

However, at the time of writing, it is unclear if the hacker will be selling files to the public or negotiating a price with AT&T for a ransom payment. Notably, the hacker’s webpage indicates that the hacker has had little engagement in the dark world space with 3 posts on attacks made and 2 threads.

It’s advised AT&T customers to be vigilant against any suspicious activities or compromised accounts on other platforms. The website haveibeenpwned, which cybersecurity researcher Troy Hunt maintains, is a valuable tool to check if threat actors leaked your personal information