AT&T Data Breach Hack in 2021 Up For Sale in 2024

AT&T refutes any involvement, reiterating their stance from 2021, stating no evidence of a breach existsPhoto byPalm Coast Local

On March 20, 2024, Pieter Arntz; Malware Intelligence Researcher, provided insights into the recent exposure of data from over 70 million individuals on an online cybercrime platform, purportedly originating from a breach at AT&T in 2021.

In 2021, a hacker known as Shiny Hunters declared breaching AT&T and offering the allegedly stolen data for $1 million. Presently, another entity named MajorNelson has surfaced, claiming to have leaked the same data. However, according to Bleeping Computer, AT&T refutes any involvement, reiterating their stance from 2021, stating no evidence of a breach exists. No response was given regarding the possibility of a third-party (in-house) provider being the source.

The leaked data comprises personal details such as names, addresses, mobile numbers, dates of birth, social security numbers, and internal information. While a similar dataset was available in 2021, the encrypted birth dates and social security numbers have since been decrypted and included as supplementary files for most records. Multiple sources have confirmed the authenticity of the dataset.

Despite AT&T's denial, AT&T customers can take several precautionary measures:

Remain cautious of impersonators claiming to represent AT&T. Scammers often exploit data breaches to deceive individuals into divulging personal information. Verify the legitimacy of any communication from AT&T directly. Scammers might not always impersonate AT&T instead they employ various tactics to deceive individuals. These tactics include sending fraudulent invoices, orchestrating phone scams claiming arrest warrants, engaging in bad debt schemes, and other fraudulent activities. They exploit the "fear factor" to coerce swift action from their targets.

Avoid hasty decisions. Scammers thrive on creating a sense of urgency to coerce individuals into divulging personal or financial information. Take a moment to assess the situation and refrain from sharing sensitive data.

Implement identity monitoring. Identity monitoring services can alert you to any unauthorized trading of your personal information online and assist in recovery efforts.

(Opinion) The rampant theft of our information has spiraled out of control, extending beyond just medical facilities to encompass various data carriers, shopping apps, credit reporting sites, and numerous others. This widespread breach leaves us vulnerable to identity theft, financial losses, compromised emails, and harassment via phone calls.

The burden of the long-term consequences falls on the consumer as you can see here, despite the meager compensation offered in the form of "free credit monitoring" and class-action lawsuits, which only benefit a limited number of individuals. Such remedies, while sometimes offered, may not effectively catalyze systemic change due to their limited impact compared to the necessity for stricter compliance measures.

What are your thoughts on the large databreach thefts occuring? Have you been a target of a scam while not understanding how your information was gotten? Tell us in the comments.