71 million AT&T customers need to be on high alert after data from 2021 leak surfaces again،
The information disclosed includes customers' names, addresses, cell phone numbers, social security numbers (encrypted), dates of birth (encrypted), etc. Bleeping Computer and other cybersecurity research firms examined a sample of the data obtained by ShniyHunters and I found that some of them were correct. In 2021, AT&T told Bleeping Computer that the leaked data did not come from its computer systems. “Based on our investigation today, information that appeared in an Internet chat room does not appear to originate from our systems,” the wireless carrier said that year.
Even today, AT&T continues to deny being the source of the personal data, telling Bleeping Computer that there is no evidence that it suffered a data breach. The website asked AT&T if it was possible the data came from a third-party service provider or vendor, but the carrier has yet to respond to that query.
Threat actor MajorNelson posts leaked AT&T customer data to hacking forum
When Bleeping Computer told the “threat actor” in 2021 that AT&T said it was not the source of the leaked data, Shining Hunters said: “I don't care if they don't admit it. I'm just selling.” At the time, the price to buy the data was estimated at $1 million for the whole thing.
AT&T customers should continue to be alert. Another “threat actor” using the name “MajorNelson” recently took to a hacking forum and leaked data for free. He claimed that this information came from the same data as Shining Hunters was looking to monetize in 2021. The fact that some data was encrypted should not give affected AT&T customers a false sense of security. The report states that the “threat actors” were able to decrypt birthdates and social security numbers and added them to another file during the leak.
Bleeping Computer says “all signs point to this being AT&T customer data.” If you were an AT&T customer before and during 2021, be on the lookout for text messages that ask you to tap links. Be wary of email phishing and other online correspondence that asks you to provide personal information. And if you receive a text message or email about replacing or swapping your SIM card, call your carrier immediately if you haven't requested a new SIM or eSIM card.