Pierluigi Paganini
March 17, 2024
More than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached, vx-underground researchers reported.
Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached. No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from.
— vx-underground (@vxunderground) March 17, 2024
Regardless, upon review we can confirm the stolen data is legitimate.
The researchers confirmed that the leaked data is legitimate, however, it is still unclear if the information was stolen from a third-party organization linked to AT&T.
The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unamed AT&T division by @ShinyHunters in 2021. The archive contains 73.481.539 records.
“It should be noted before anyone hits us with an “aktschually” – the data was stolen in 2021. It was leaked online today.” said vx-underground.
It should be noted before anyone hits us with an "aktschually" – the data was stolen in 2021. It was leaked online today.
— vx-underground (@vxunderground) March 17, 2024
In August 2021, the ShinyHunters group claimed to have a database containing private information on roughly 70 million AT&T customers, but the company denied that they had been stolen from its systems.
ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia, Homechef, Chatbooks.com, Microsoft, and Minted.
In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic.
“While we cannot yet confirm the data is from AT&T customers, everything we examined appears to be valid.” reads the RestorePrivacy website. “Here is the data that is available in this leak:
The threat actors claimed that data belonged to AT&T customers in the United States, the group told RestorePrivacy that they were available to support AT&T in securing its systems for a reward.
AT&T denied any data breach, below is the statement from the telecomunication giant:
“Based on our investigation Thursday, the information that appeared in an internet chat room does not appear to have come from our systems,”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
