Hackers accessed personal data from 9 million AT&T customers

Daniel Sims

What just happened? Many AT&T customers recently received an email saying hackers accessed their Customer Proprietary Network Information (CPNI). Classic phishing vocabulary, but the alert isn't a scam. Users should take steps to secure their AT&T account, including fortifying their password and filing a CPNI restriction request.

Telecom provider AT&T recently alerted customers that a cyberattack exposed some information from their accounts. No credit card data, social security numbers, passwords, or dates of birth got out, but the hack exposed some details regarding users' phone plans.

Information at risk includes customer first names, email addresses, number of lines on accounts, device types, device upgrade eligibility, rate plan names, past due amounts, monthly payment amounts, and minutes used. The company told Bleeping Computer that the breach affected about 9 million accounts.

Hackers aimed the January attack at one of AT&T's marketing vendors rather than the company itself. The provider didn't identify the vendor but said the attackers exploited one of the vendor's security vulnerabilities, which has since been patched. The company also contacted federal law enforcement as legally required, assuring customers that it didn't share personal account information with authorities.

Impacted customers should enable additional password protections, like logging in with a PIN. A PIN will protect users' accounts from bad actors calling AT&T and impersonating them using the personal information they obtained. Customers can also request CPNI restrictions, which limit but do not stop the company from marketing additional products to users.

Rival provider T-Mobile suffered a more significant attack in January. The breach impacted 37 million customers, exposing names, billing addresses, email addresses, phone numbers, dates of birth, account numbers, and service plan information. However, no social security numbers or passwords were leaked.

The company theorized that the attacker used an API to access the data from last November until the company detected and stopped their actions on January 5. Another breach last summer affected 77 million T-Mobile customers, after which the company settled a class-action lawsuit for $350 million.

The last major cybersecurity incident involving AT&T was in August 2021, when the notorious threat actor ShinyHunters allegedly tried to sell the personal information of 70 million customers. The telecom titan denied that the data cache originated from its systems, but ShinyHunters insisted on its authenticity, offering the database for $200,000. Like the hack this January, the information may have come from one of the company's partners.




Posts: 4,766   +7,340
And if you're a user of certain antivirus products such as Norton, you already know this because you're being spammed about it every. Single. Day.


Posts: 317   +215
Damn WEF are good with their predictions. First it was a virus, and that happened and the cyber attacks and now they are starting to come about everywhere. Amazing. Like they almost knew it was going to happen...


Posts: 734   +491
Half of them will receive an email:

"This is your email address: <email_address>
This is your phone number: <phone_number>
This is your home address: <home_address_and_picture_from_google_earth>

We also know you visited XXX sites, we have access to your camera and have a video of you masturbating. Pay $1000 in BitCoin or else we'll send the video to all of your contacts".

And that's how a hacker group can earn 10 million dollars in just a few days.


Posts: 209   +86
And I suspect somewhere in their massive user agreement is verbiage like: AT&T cannot be held responsible if the 3rd parties they sell data to are compromised/hacked.