Vxunderground has discovered a massive data leak involving over 70 million records from an undisclosed division of AT&T. The data was found on the notorious Breached hacking forum.
Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached. No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from.
Regardless, upon review we can confirm the stolen data is legitimate.
— vx-underground (@vxunderground) March 17, 2024
Leaked Data: A Closer Look
The vx-underground team has verified the authenticity of the leaked data. However, it remains uncertain whether the data was pilfered directly from AT&T or a third-party organization associated with them.
The individual responsible for the leak, known by the online alias MajorNelson, alleges that the data was procured from an unnamed division of AT&T by the infamous @ShinyHunters in 2021. The leaked archive comprises a staggering 73,481,539 records.
As vx-underground points out, “The data was stolen in 2021 and has only been leaked online today.”
The ShinyHunters Connection
In August 2021, the ShinyHunters group claimed possession of a database containing private information of approximately 70 million AT&T customers. However, AT&T refuted any claims of data theft from its systems.
ShinyHunters, a well-known hacking collective, has a history of selling data stolen from numerous major organizations, including Tokopedia, Homechef, Chatbooks.com, Microsoft, and Minted.
According to the RestorePrivacy website, which analyzed a sample of the data, the group demanded $1 million for the entire database, or $200,000 for access, in August 2021.
It should be noted before anyone hits us with an "aktschually" – the data was stolen in 2021. It was leaked online today.
— vx-underground (@vxunderground) March 17, 2024
What Does the Leaked Data Include?
RestorePrivacy states, “While we cannot yet confirm the data is from AT&T customers, everything we examined appears to be valid.” The leaked data includes:
- Name
- Phone number
- Physical address
- Email address
- Social security number
- Date of birth
The threat actors assert that the data pertains to AT&T customers in the United States. They have also expressed willingness to assist AT&T in bolstering its security systems in exchange for a reward.
AT&T’s Response
AT&T has denied any data breach. In a statement, the telecommunications giant said, “Based on our investigation Thursday, the information that appeared in an internet chat room does not appear to have come from our systems.”