Search the Community

AT&T this week is letting customers and former customers know about a major data leak, and it is sending out emails and resetting passcodes to prevent unauthorized account access. 7.6 million customers and 65.4 million former customers have had their passcodes stolen and have had sensitive data leaked. AT&T claims that there was no unauthorized access to its systems resulting in the theft of the data set, with the information obtained several years ago. Back in 2021, a hacking group said that it had stolen information on 70 million AT&T customers. AT&T at the time said that it had not suffered a breach, and the company still insists that the data did not come from its systems. Customer information leaked includes names, addresses, birth dates, AT&T account numbers, phone numbers, email addresses, and social security numbers, along with passcodes. The data was not made public until March 2024, but now that it is out in the wild, AT&T has initiated passcode resets and says that it is working with external cybersecurity experts to further analyze the situation. The company says leaked data does not include financial information or call history, and it will be providing complimentary identity theft and credit monitoring services for those who had their personal information compromised. AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web. While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and 65.4 million former account holders. Currently, AT&T does not have evidence of unauthorized access to its systems resulting in theft of the data set.Impacted current and former customers will be receiving a letter or an email from AT&T.Tag: AT&T This article, "AT&T Notifying Customers About Massive Data Leak" first appeared on MacRumors.com Discuss this article in our forums View the full article

AT&T has initiated a mass reset of millions of customer account passcodes following a reported data breach. The post Millions Impacted in Mass Passcode Reset of AT&T Accounts appeared first on Enzoic. The post Millions Impacted in Mass Passcode Reset of AT&T Accounts appeared first on Security Boulevard. View the full article

American telecommunications behemoth AT&T has finally confirmed the authenticity of the 2021 data breach that spilled sensitive user information on the dark web, and has initiated a mass reset of user passcodes. Roughly three years ago, privacy blog RestorePrivacy broke the news of a hacker selling sensitive data belonging to more than 70 million AT&T customers. The data allegedly contained people’s names, phone numbers, postal addresses, email addresses, social security numbers, and dates of birth. While AT&T initially denied the breach, saying the data wasn’t from the company, the hacker, going by the name “ShinyHunters” said the organization will likely continue denying until they leak it all. Mass reset Surely enough, last month, a seller published the full database, affecting 73 million people - and TechCrunch analyzed the database, confirming its authenticity, and also establishing that it contained user passcodes, prompting a swift alert towards AT&T. Passcodes are four-digit numbers that work as the second security layer, and are used to access user accounts. Even though they were encrypted, some researchers argued that it is something that can be worked around. Apparently, there is not enough randomness in the encrypted data, which means that in theory, a threat actor could guess the passcode. It seems the threat is more than just theoretical, as AT&T initiated a mass-reset of the passcodes over the weekend. “AT&T has launched a robust investigation supported by internal and external cybersecurity experts,” the company said in a statement published on Saturday. “Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.” “AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set,” the statement said. While the telco did confirm the breach, it says that it still doesn’t know where the data came from, whether it was directly from its servers, or from its vendors. More from TechRadar Pro Hot Topic confirms multiple new cyberattacks — customer details and payment info exposed onlineHere's a list of the best firewalls around todayThese are the best endpoint security tools right now View the full article

A swift esponse to a major outage can make a big difference in regards to retaining customer confidence.View the full article

In a historic collaboration initiative, IBM and AT&T announced their partnership on building a hybrid cloud that’ll be powered by 5G. The idea here is to use the 5G power provided by AT&T to manage applications hosted in a hybrid cloud architecture using the IBM Cloud Satellite. The key benefits for organizations being introduced using this partnership are ease and convenience of application management, enhanced user experience and cybersecurity. View the full article