71 million AT&T customers need to be on high alert after data from 2021 leak surfaces again

71 million AT&T customers need to be on high alert after data from 2021 leak surfaces again،

Imagine your social security number and other personal data being advertised as being for sale on the dark web. This is what happened to 71 million AT&T customers, according to Computer beeping. In 2021, a “threat actor” using the pseudonym Shining Hunters posted an announcement on RaidForums offering to provide sensitive information allegedly obtained in an alleged AT&T data breach.

The information disclosed includes customers' names, addresses, cell phone numbers, social security numbers (encrypted), dates of birth (encrypted), etc. Bleeping Computer and other cybersecurity research firms examined a sample of the data obtained by ShniyHunters and I found that some of them were correct. In 2021, AT&T told Bleeping Computer that the leaked data did not come from its computer systems. “Based on our investigation today, information that appeared in an Internet chat room does not appear to originate from our systems,” the wireless carrier said that year.

Even today, AT&T continues to deny being the source of the personal data, telling Bleeping Computer that there is no evidence that it suffered a data breach. The website asked AT&T if it was possible the data came from a third-party service provider or vendor, but the carrier has yet to respond to that query.

Threat Actor MajorNelson Posts Leaked AT&T Customer Data on Hacking Forum - 71 Million AT&T Customers Must Be on Alert After 2021 Data Surfaces Again

Threat actor MajorNelson posts leaked AT&T customer data to hacking forum

When Bleeping Computer told the “threat actor” in 2021 that AT&T said it was not the source of the leaked data, Shining Hunters said: “I don't care if they don't admit it. I'm just selling.” At the time, the price to buy the data was estimated at $1 million for the whole thing.

AT&T customers should continue to be alert. Another “threat actor” using the name “MajorNelson” recently took to a hacking forum and leaked data for free. He claimed that this information came from the same data as Shining Hunters was looking to monetize in 2021. The fact that some data was encrypted should not give affected AT&T customers a false sense of security. The report states that the “threat actors” were able to decrypt birthdates and social security numbers and added them to another file during the leak.

Bleeping Computer says “all signs point to this being AT&T customer data.” If you were an AT&T customer before and during 2021, be on the lookout for text messages that ask you to tap links. Be wary of email phishing and other online correspondence that asks you to provide personal information. And if you receive a text message or email about replacing or swapping your SIM card, call your carrier immediately if you haven't requested a new SIM or eSIM card.