After the T-Mobile data breach this August 2021, another American telecommunications provider got attacked. A cybercriminal is reportedly selling personal data of over 70 million AT&T customers.
However, the company denied the attack. Here is the full report for AT&T data breach 2021.
AT&T Cyberattack: Hacker Posts Sale on 70 Million User Data
The cybercriminal ShinyHunters recently posted a sale for "AT&T database +70 M (SSN/DOB)," presumably referring to the customer's Social Security Numbers and Date of Birth. The hacker set the bidding with a starting price of $200,000, with incremental offers of $30,000. Lastly, the hacker emphasized a flash sale for anyone paying $1 million.
In the post, the seller shared a sample subset of data, which contained names, phone numbers, physical addresses, email addresses, social security numbers, and dates of birth. An anonymous security researcher noted that two of the four people in the samples were identified customers in the AT&T database, per BleepingComputer.
ShinyHunters is a well-known cybercriminal with a long history of compromising websites, accessing developer repositories, and stealing credentials or API keys. According to BleepingComputer, ShinyHunters breached companies like BigBasket, Mathway, Microsoft's GitHub account, Nitro PDF, Pixlr, TeeSpring, Tokopedia, Wattpad, Promo.com, and many more.
However, AT&T denied suffering from a breach.
Read also: Elon Musk Reveals Tesla Bot on AI Day: Humanoid Robot Will Do 'Boring,' 'Dangerous' Work!
AT&T Data Breach 2021: Confirmed or Not?
After being notified, AT&T launched a quick investigation. In the report by SDxCentral, the company said, "Based on our investigation yesterday, the information that appeared in an internet chat room does not appear to have come from our systems."
When BleepingComputer asked AT&T if the leaked data might have come from third-party partners, the company chose not to speculate. "Given this information did not come from us, we can't speculate on where it came from or whether it is valid."
Since both the seller and the AT&T company refuse to provide any other comments, details for the attack are scant. It is hard to determine how the user information was acquired or whether it remains authentic.
Regardless, a hacker is reported to be selling user information in the dark web forums.
A New Cyberattack After T-Mobile Data Breach August 2021: How to Protect Yourself
Regardless of who is telling the truth, the AT&T Data Breach 2021 is a huge concern for registered customers.
Earlier this week, the T-Mobile American mobile network operator was also attacked by cybercriminals. The company confirmed up to 48 million user data leaked in the process. To address the issue, the company promised free identity protection services for its affected users. However, new security measures were also recommended for exposed accounts.
Right now, victims of these cyberattacks need to be wary of identity thieves. Enough data was stolen for malicious actors to forge IDs and possibly create fake bank accounts under the victim's name. At worse, they could also access bank accounts and steal the victim's money.
For victims who want to secure their accounts, here are four ways to protect yourself during this breach.
For victims who are wary of having their identity stolen, it is recommended that they apply to some of the best identity-monitoring services available.
Related Article: How Do You Fix No Service Issue on iPhone After Update? 5 Steps to Take to Resolve the Problem