Telecom giant AT&T disclosed on March 30 that data from about 73 million current and former account holders have been leaked onto the “dark web,” and the incident is under investigation.
AT&T said it had reset passcodes for 7.6 million current account holders affected by the leak.
“We will be reaching out to individuals with compromised sensitive personal information separately and offering complimentary identity theft and credit monitoring services,” the company said in a statement.
AT&T said it hasn’t found any evidence of unauthorized access to its systems that resulted in data being stolen and that it has launched a “robust” investigation into the incident with the help of outside cybersecurity experts.
“Our internal teams are working with external cybersecurity experts to analyze the situation,” the company said in a statement. “To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history.”
It’s unclear if the leaked data originated from AT&T or one of the company’s vendors.
AT&T said the incident has not had a material impact on its operations.
‘The Impact Is Significant’
The threat actor was trying to auction off the data on a hacking forum, according to BleepingComputer, with a starting price of $200,000 while offering to sell it immediately for $1 million.Mr. Hunt said that what the hacker was advertising as about 70 million records actually had 73.5 million lines, including 49.1 million unique email addresses, 44 million Social Security numbers, and 43.5 million dates of birth.
He said it’s inconclusive whether the data originated from AT&T or a third-party, but insisted that he had proved “with sufficient confidence, that the data is real and the impact is significant.”
“We have no indications of a compromise of our systems. We determined in 2021 that the information offered on this online forum did not appear to have come from our systems,“ he told the outlet in a statement. ”This appears to be the same dataset that has been recycled several times on this forum.”
