In a shocking revelation, AT&T admitted on Friday that it had suffered a massive security breach that affected tens of millions of its customers. The hack, which occurred between May 1, 2022, to October 31, 2022, and again on January 2, 2023, resulted in the theft of large amounts of customer data. The stolen data included phone call and text message records of nearly all AT&T cellular customers, as well as AT&T landline customers who interacted with these wireless customers during the affected period.
However, what makes this news even more astonishing is that AT&T reportedly paid the hacker a staggering $370,000 in cryptocurrency to delete the stolen data. This payment was made in May, and as part of the deal, the hacker had to provide a video proof that the data had been deleted. According to Wired, the telecom giant negotiated with the hacker through a security researcher known as Reddington, who acted as an intermediary and received a fee for his services.
Initially, the hacker had demanded $1 million to delete the data, but eventually accepted around a third of that amount. Reddington confirmed that he was satisfied that the deletion video showed the entirety of the stolen dataset being wiped. The hacker is believed to be part of the ShinyHunters hacking group, which has also been linked to the theft of data from unsecured storage accounts operated by U.S. cloud computing company Snowflake.
The news of the payment has raised concerns about AT&T’s cybersecurity practices and its willingness to pay hackers to delete stolen data. Many experts have criticized the company’s decision, arguing that it sets a dangerous precedent and can encourage further attacks. It is also unclear why AT&T did not notify its customers of the hack earlier, as it did not publicly comment on the matter until Friday.
AT&T’s admission comes on the heels of a previous breach that occurred in March, which affected 7.6 million current customers and 65.4 million former ones. In that incident, personal information such as names and Social Security numbers was stolen. The latest hack adds to the growing list of cybersecurity incidents affecting major companies, including Robinhood’s recent data breach and T-Mobile’s multiple security breaches.
The incident raises questions about the security measures in place at AT&T and the company’s ability to protect its customers’ sensitive information. While AT&T has assured its customers that the stolen data did not include details such as Social Security numbers, dates of birth, or other personally identifiable information, the hack still highlights the importance of robust cybersecurity measures to prevent future incidents.
It is imperative that companies like AT&T take proactive steps to strengthen their security systems and investigate any potential breaches promptly. It is also crucial that customers remain vigilant and take steps to protect their personal information.