Personal data of 70 million AT&T customers being sold by hacker

Posted:
in General Discussion
A hacker known for other data breaches is selling a database allegedly containing gigabytes of AT&T customer information, including social security numbers, and is asking for $1 million to take it down.

AT&T customer data may have been breached by hacker
AT&T customer data may have been breached by hacker


The hacker, known as ShinyHunters, posted an example list of names, addresses, and social security numbers verified to be accurate and offers the rest for sale to hackers. AT&T has denied that the posted information came from its systems.

The report from Restore Privacy says that AT&T's response is surprising given the nature of the post and the hackers history. The hacker says they are willing to work with AT&T if the company makes contact for arrangement.

The information allegedly taken from AT&T came with three encrypted strings of data: birth dates, social security numbers, and possibly account pins. The hack also includes account holder's names, phone numbers, addresses, and email addresses.

If what the hacker says is true, then there are 70 million customers at risk of identity theft and fraud. While ShinyHunters wants AT&T to pay up, they are also selling access to the database at $200,000 a pop to other hackers seeking such data.

The sale post by ShinyHunters. Image source: Restore Privacy
The sale post by ShinyHunters. Image source: Restore Privacy


Customer information is a hot commodity in the hacking community due to the wide variety of fraud that can be committed with little effort, and synergies that can be gained by combining leaks. For example, only two days before this report, T-Mobile was reportedly hit with a server attack exposing 47.8 million people's data.

Read on AppleInsider

Comments

  • Reply 1 of 13
    dysamoriadysamoria Posts: 3,430member
    How are individual users impacted by shit like this when they are on a family plan (ie: dad pays the bill for four family members who have their own phones on his plan)? Is it a guarantee of the same vulnerabilities? Does each user have their SSN associated with their phones, or is that just the account holder whose SSN is stored?
  • Reply 2 of 13
    lkrupplkrupp Posts: 9,560member
    First T-Mobile, now AT&T. What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.

    Why are corporations like these two, who are supposedly titans of tech, so vulnerable to hackers? Are their systems just leaky sieves? Is the server industry so incompetent they can’t produce secure hardware and software?

    The current ragging on Apple over its CSAM intentions pale in comparison to all the customer data for sale on the dark web. Forget the government, the hackers have already created a surveillance infrastructure that not even China can match. I’m not kidding.
    edited August 21 GeorgeBMacwatto_cobra
  • Reply 3 of 13
    badmonkbadmonk Posts: 1,001member
    lkrupp said:
    First T-Mobile, now AT&T. What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.

    Why are corporations like these two, who are supposedly titans of tech, so vulnerable to hackers? Are their systems just leaky sieves? Is the server industry so incompetent they can’t produce secure hardware and software?

    The current ragging on Apple over its CSAM intentions pale in comparison to all the customer data for sale on the dark web. Forget the government, the hackers have already created a surveillance infrastructure that not even China can match. I’m not kidding.
    Couldn’t agree more.  I don’t understand this endless chatter about CSAM and the App Store duopoly when there are more pressing issues.
    watto_cobraDetnator
  • Reply 4 of 13
    jd_in_sbjd_in_sb Posts: 1,600member
    The hacker has limited intelligence if they think AT&T will pony up millions 
    watto_cobra
  • Reply 5 of 13
    22july201322july2013 Posts: 2,598member
    lkrupp said:
    What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.
    I'm not being facetious here... I would really like to know how the US government could shut down servers in hostile countries. Or even in friendly countries. Please explain.
  • Reply 6 of 13
    lkrupp said:
    What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.
    I'm not being facetious here... I would really like to know how the US government could shut down servers in hostile countries. Or even in friendly countries. Please explain.
    Reform incarcerated hackers into white hats and give them a bounty to take down servers in other countries.
    watto_cobra
  • Reply 7 of 13
    roakeroake Posts: 770member
    lkrupp said:
    What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.
    I'm not being facetious here... I would really like to know how the US government could shut down servers in hostile countries. Or even in friendly countries. Please explain.
    With a tactical special ops team.
    watto_cobra
  • Reply 8 of 13
    sunman42sunman42 Posts: 132member
    dysamoria said:
    How are individual users impacted by shit like this when they are on a family plan (ie: dad pays the bill for four family members who have their own phones on his plan)? Is it a guarantee of the same vulnerabilities? Does each user have their SSN associated with their phones, or is that just the account holder whose SSN is stored?
    No, only the name of record ("account holder") has to provide a Social Security Number so the telco can get a credit report on them — from one of the credit rating outfits, known far and wide for spilling personally identifiable information. (No one gets to opt out of credit rating if they have any form of credit: mortgage, car loam, credit cards; the best you can do is to freeze reporting to minimize further identity theft.)
    watto_cobra
  • Reply 9 of 13
    sunman42sunman42 Posts: 132member
    I'm not being facetious here... I would really like to know how the US government could shut down servers in hostile countries. Or even in friendly countries. Please explain.

    The US government, through Cyber Command and probably other agencies/teams as well, maintains offensive as well as defensive cyber capabilities. Those include, but are not limited to, taking over servers remotely. If the servers are in countries with which we're friendly, law enforcement agencies can engage with authorities in those countries to convince ISPs to block all traffic to/from given servers or IP ranges, or even shut down known bad actor ISPs.
    edited August 22 watto_cobra
  • Reply 10 of 13
    We need to have special action teams who simply vanish these guys ... disappear without a trace.

    Have that happen a couple of times and suddenly other endeavors appear to be much more profitable ...
    watto_cobra
  • Reply 11 of 13
    lkrupplkrupp Posts: 9,560member
    lkrupp said:
    What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.
    I'm not being facetious here... I would really like to know how the US government could shut down servers in hostile countries. Or even in friendly countries. Please explain.
    Easy to explain. Hostile countries shut down servers in the U.S. all the time with ransomeware. Just read the news. If they can do it so can we. Some are always ragging here about the power of the NSA/CIA to surveil everything they wish to. Ever hear of Stuxnet? 
    watto_cobra
  • Reply 12 of 13
    The article says the birth dates, social security numbers and PIN's were encrypted data.  The names and addresses were not.  So the critical stuff is unreadable, right?
  • Reply 13 of 13
    GeorgeBMacGeorgeBMac Posts: 10,496member
    lkrupp said:
    First T-Mobile, now AT&T. What I don’t understand is why the government (NSA, CIA, TSA, Homeland Security, whatever) isn’t shutting down these hacker’s websites. It’s turning out that the internet is a massive failure, that’s its open architecture is a threat to society, that no one is safe while using it, that it’s dangerous to use. It used to be that a robber had to stick a gun in your ribs to get your money. No longer. Thieves these days simply use the internet to relieve you of your life's savings, easy peasy.

    Why are corporations like these two, who are supposedly titans of tech, so vulnerable to hackers? Are their systems just leaky sieves? Is the server industry so incompetent they can’t produce secure hardware and software?

    The current ragging on Apple over its CSAM intentions pale in comparison to all the customer data for sale on the dark web. Forget the government, the hackers have already created a surveillance infrastructure that not even China can match. I’m not kidding.
    Partly it's a case of "follow the money" as the companies that are hacked suffer no meaningful losses -- their customers do!

    But, this is not ONLY a private industry problem it is a national security problem.   In addition to our industries, it was just reported that our State Dept was hacked a couple weeks ago -- again!
    But:
    We're too busy flaunting those broad side of a barn thingees we call "Aircraft Carriers".

    The U.S. defense forces (including intelligence) is reminding me of the British military of several hundred years ago:  standing up there in neat, straight lines so proud in their bright red coats -- while rebels took them down one by one with squirrel rifles.

    We are out of date and fighting the wrong battles.
    The methods of war have moved to cyberwarfare (and criminality) along with propaganda and disinformation -- "asymetric warfare".

    With these criminals and foreign cyberforces we need to do more than shut down their servers.  We need to shut them down as we would any who attack our country.   But, we do

    edited August 22
Sign In or Register to comment.