AT&T Data Breach Exposes 70 Million Customer Records

Over 70 million records associated with AT&T customers have been leaked on the popular hacking forum, Breached. The data, purportedly stolen in 2021 by the notorious hacking group ShinyHunters, includes sensitive personal information such as names, phone numbers, physical addresses, email addresses, social security numbers, and dates of birth.

The leak was first reported by researchers at vx-underground, who confirmed the authenticity of the data. However, it remains unclear whether the information was directly stolen from AT&T or through a third-party organization linked to the telecommunications giant.

ShinyHunters, a group known for its involvement in numerous major breaches, including incidents targeting Tokopedia, Microsoft, and Chatbooks.com, initially claimed possession of the data in August 2021. The group was willing to auction the data, starting at $200,000, or sell it immediately for $1 million. AT&T, at the time and consistently thereafter, has denied that the breach originated from within its systems.

The leaked data has now reemerged, this time posted publicly by an individual using the alias MajorNelson, who claimed the data was obtained from an unnamed AT&T division. The release of such a substantial volume of personal data raises significant concerns over the potential for identity theft, financial fraud, and other malicious activities targeting the affected customers.

Despite the claims, AT&T has maintained that an investigation into the matter revealed no evidence of a system breach. "Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems," stated AT&T to the publication BleepingComputer in 2021.

Customers of AT&T, especially those who may have been subscribers before and through 2021, are advised to remain vigilant against potential phishing attempts and to monitor their accounts for any unusual activity.