86 million AT&T records leaked online - and this time they’re decrypted, so be on your guard

News
By published

Decrypted AT&T files have appeared online

A mobile phone displays the AT&T logo in front of a blurred economic stock exchange index graph in the background
(Image credit: Getty Images)
  • AT&T is investigating new claims of a data breach
  • The data was posted on a breach forum, and includes plaintexts SSNs
  • It could be new, or could be a re-release of older data

AT&T is investigating a leak of data on a cybercrime forum, but with some skepticism, as some have suggested it may just be a re-release of an earlier data breach.

The trove of data includes 88 million customer records, but 86 million of these are unique, including personal information such as dates of birth, phone numbers, email addresses, physical addresses.

What makes this breach potentially dangerous is that the data is highly organized, and includes 44 million plaintext social security numbers that could be used to commit fraud and identity theft.

Just a re-release or something more sinister?

The HackRead research team first spotted the files on May 15, with the same collection of data appearing again on June 3 and spreading to multiple other leak sites and forums since then.

There is some debate over the origin of the data, with HackRead finding similarities between encrypted and plaintext values from the collection that could tie it to the April 2024 AT&T breach that utilized the Snowflake vulnerability.

On the other hand, it could be a re-release of a previous breach, or a combination of one of the many AT&T breaches.

For example, in 2024 AT&T confirmed that the data of 51 million customers had been stolen after previously denying that the data was stolen from AT&T systems.

The data was initially stolen in 2021. The famous Snowflake vulnerability debacle of 2024 also saw customer data stolen from AT&T, with the company then negotiating and paying $300,000 in Bitcoin to one of the hackers to delete the data.

The bottom line is that the data includes almost everything a cyber criminal would need to commit fraud or steal an identity, making identity theft protection and credit monitoring a good choice for those potentially affected by the breach.

Via The Register

You might also like

Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been with TechRadar Pro for over two years, and has specialized in writing about cybersecurity, threat intelligence, and B2B security solutions. His coverage explores the critical areas of national security, including state-sponsored threat actors, APT groups, critical infrastructure, and social engineering.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the Centre for Security and Intelligence Studies at the University of Buckingham, providing him with a strong academic foundation for his reporting on geopolitics, threat intelligence, and cyber-warfare.

Prior to his postgraduate studies, Benedict earned a BA in Politics with Journalism, providing him with the skills to translate complex political and security issues into comprehensible copy.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.