Telecommunications giant AT&T Inc. (NYSE: T) recently disclosed a significant data breach dating back to 2021 that resulted in the exposure of sensitive information belonging to 73 million users and is now circulating on the dark web.
The leaked data includes a wealth of personal details such as Social Security numbers, email addresses, phone numbers and dates of birth, affecting both current and former account holders. AT&T revealed that among the impacted people, 7.6 million are current account holders.
"Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set. The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable," AT&T said in its press release about the situation.
The hacker behind this brazen cyberattack is ShiningHacker, a notorious figure known for previous data breaches targeting platforms such as Wattpad, Tokopedia, and Microsoft Corp.'s (NASDAQ: MSFT) GitHub, according to Bleeping Computer.
Initially, AT&T denied any internal data breach when a small portion of the stolen data surfaced in 2021, claiming no knowledge of leaked information from their servers or vendors.
However, subsequent investigations revealed a different story. While AT&T refuted the claims initially, ShiningHacker admitted to the breach, dismissing AT&T's stance with the assertion, "I don't care if they don't admit. I'm just selling," according to Bleeping Computer.
The hacker attempted to monetize the stolen data by offering it for sale on the RaidForums data theft forum, setting the starting price at $200,000 and accepting incremental offers of $30,000. ShiningHacker indicated a willingness to immediately sell the data for $1 million, underscoring the severity and audacity of the cybercrime.
Telecommunications providers have become recent targets of cyberattacks, with T-Mobile facing a breach in 2023 affecting 37 million customers, and Verizon Communications Inc. experiencing a leak impacting 63,000 customers and employees.
In December, the Federal Communications Commission (FCC) adopted a new role to ensure that "providers of telecommunications, interconnected voice over internet protocol (VoIP) and telecommunications relay services (TRS) adequately safeguard sensitive customer information."
The same ruling expanded the definition of "breach" in this context, to include inadvertent access, use or disclosure of customer information, except in cases where such information is acquired in good faith by an employee or agent of a carrier or TRS provider and such information is not used improperly or further disclosed.