[BreachExchange] 70M stolen AT&T records advertised for sale by well-known hacker

Fri Aug 20 08:49:27 EDT 2021

https://siliconangle.com/2021/08/19/70m-stolen-att-records-advertised-sale-well-known-hacker/

Telecommunications company AT&T Inc. has possibly been hacked with a
well-known hacker advertising a database from the company with more than 70
million customer records.

The listing on the hacking site Raid Forums, from ShinyHunters, claims that
the database includes Social Security numbers and dates of birth. In a
change from a typical offer, Shiny is offering the data on a bidding basis.
The first bid starts at $200,000 with bids going up $30,000 each after
that. “Flash,” presumably a “buy it now” price, is $1 million.

A random person posting on Raid Forums mostly wouldn’t warrant attention,
but Shiny is known for its reliable hacks and offerings. Shiny has “God”
tier status on Raid Forums, the highest rating available with a reputation
score of 2,244. Shiny’s previous hacks and data offerings include Pixlr in
January, MeetMindful the same month and Dave in July 2020.

The alleged stolen data includes full names, addresses, zipcodes, date of
birth, email addresses and Social Security numbers.

In an email to SiliconANGLE, a spokesperson for AT&T denied that the data
belonged to them. “Based on our investigation today, the information that
appeared in an internet chat room does not appear to have come from our
systems,” the spokesperson said.

The alleged hack and ShinyHunters offering comes as a hack of T-Mobile,
which was first known through a post on Raid Forums, continues to gain
media attention. T-Mobile was first reported to be investigating a
potential hack on Aug. 15 after a Raid Forums member called “Subvirt”
advertised the stolen data for sale for six bitcoin ($283,000). Forward to
Aug. 16 and T-Mobile confirmed it was hacked, yet again.

T-Mobile arguably has the worst record when it comes to data security and
hacking among U.S. telcos. Previous hacks involving T-Mobile include the
theft of the details of 2 million customers in August 2018, a hack
involving the theft of prepaid customer data in November 2019, the theft of
employee and customer data in March 2020 and a “security incident”
involving “malicious, unauthorized access” to some information related to
T-Mobile accounts in January.

The company subsequently said Aug. 18 that it believed that the details of
48 million people had been compromised in the hack. The data stolen
included records belonging to just over 40 million former or prospective
customers who had applied for credit, along with 7.8 million current
customers of T-Mobile’s postpaid internet plans.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210820/4ce3556d/attachment.html>