Latest news with #HackRead
Forbes
2 days ago
- Forbes
‘Massive 2025 PayPal Breach'—Change Your Password Now
A cybercriminal is offering to sell a 'massive 2025 PayPal breach' on a cybercrime forum, claiming it exposes '15.8M credential pairs in plaintext,' with 'raw email: password:url entries across global domains.' The price is just $750. While Chucky_BF claims his leak is a high risk for credential stuffing, phishing, and fraud campaigns," there is no confirmation yet that this is new data and not just a PayPal delineated subset from wider infostealer troves. According to HackRead, which first reported the sale, the samples 'show Gmail addresses paired with passwords and linked directly to PayPal's login pages, while another features a user account appearing in both web and mobile formats, showing that the same account details were found in different versions of PayPal's services.' This seems to suggest 'a mix of real accounts and test or fake ones, which is often the case with stolen databases.' The dataset includes plenty of reused passwords, which is a wider risk for those using the same email and passwords across multiple accounts. There's now so much data out there, that separating new from rehashed takes time, as we saw with the infamous 16 billion record new data breach that never was. What is undeniable, though, is that your passwords and email addresses are guaranteed to have leaked or breached or been stolen somewhere, and they will now be for sale. Whether or not this is a new or an existing data breach, and even if it's not all real, the advice is the same. You should access your PayPal account settings, go to Security, and ensure your password is strong and unique, you enable 2FA using an authenticator app, and that you add a passkey to your account. All that takes under 2 minutes. That way you can read the procession of 'massive' data breach headlines without worrying about your devices, your money or your identity. Conversely, if you still have accounts protected by nothing but passwords and SMS codes, you need to act now. As for this breach, HackRead says 'if the claims are accurate, this would represent one of the larger PayPal-focused leaks of recent years, with millions of users across Gmail, Yahoo, Hotmail, and country-specific domains implicated.' I have reached out to PayPal for any confirmation or comments.
New York Post
13-06-2025
- New York Post
Major data breach exposes 86M AT&T customer records, including social security numbers — here's how to know if you were affected
AT&T has experienced a massive personal data breach, so if you're one of the more than 100 million people who use the company, you'll want to be on guard. According to a report from Hack Read, more than 86 million customers have been affected with leaked details ranging from full names to dates of birth, phone numbers, email addresses and physical addresses. It's reported that more than 44 million Social Security Numbers were also included in the data leak. Advertisement While each of these data sets poses privacy risks on their own, together they could create full identity profiles that could be exploited for fraud or identity theft. The stolen data is reportedly fully decrypted and was first posted to a Russian cybercrime forum on May 15 before being re-uploaded on the same forum on June 3. Hackers reportedly accessed data by getting into accounts that lacked multi-factor authentication, and this leak appears to be linked to an original hack by the ShinyHunters group in April 2024. Advertisement 'It is not uncommon for cybercriminals to re-package previously disclosed data for financial gain,' an AT&T spokesperson told Hack Read in a statement. 'We just learned about claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation.' The original seller of the exposed data claimed that this leak is 'originally one of the databases from the Snowflake breach' — but according to Hack Reads analysis, there are about 16 million more records in this breach than the previous one. The leak reportedly included full names, dates of birth, phone numbers, email addresses, physical addresses and social security numbers. AFP via Getty Images Advertisement AT&T also acknowledged the security researchers' doubts that this breach was linked to the original 2024 breach. 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024,' the company said in a statement. 'Affected customers were notified at that time. We have notified law enforcement of this latest development.' If you're an AT&T customer, it's possible your personal and private data could be part of the leak. Though if your data was leaked in this hack, it's likely because it was already unprotected in the August 2024 National Public Data breach, which exposed 'three decades' worth of Social Security numbers on the online black market.' Advertisement 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024,' AT&T said in a statement. LightRocket via Getty Images To check if your information was leaked in that breach, you can check through Pentester, a cybersecurity firm, by going to and entering your information, which will allow you to see a list of your breached accounts. Security experts are also urging customers to keep an eye on their credit reports. AT&T said it 'offered credit monitoring and identity theft protection to those customers whose sensitive personal information was compromised as part of the notice in 2024.'
Yahoo
11-06-2025
- Yahoo
Major data breach exposes 86M AT&T customer records, including social security numbers — here's how to know if you were affected
AT&T has experienced a massive personal data breach, so if you're one of the more than 100 million people who use the company, you'll want to be on guard. According to a report from Hack Read, more than 86 million customers have been affected with leaked details ranging from full names to dates of birth, phone numbers, email addresses and physical addresses. It's reported that more than 44 million Social Security Numbers were also included in the data leak. While each of these data sets poses privacy risks on their own, together they could create full identity profiles that could be exploited for fraud or identity theft. The stolen data is reportedly fully decrypted and was first posted to a Russian cybercrime forum on May 15 before being re-uploaded on the same forum on June 3. Hackers reportedly accessed data by getting into accounts that lacked multi-factor authentication, and this leak appears to be linked to an original hack by the ShinyHunters group in April 2024. 'It is not uncommon for cybercriminals to re-package previously disclosed data for financial gain,' an AT&T spokesperson told Hack Read in a statement. 'We just learned about claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation.' The original seller of the exposed data claimed that this leak is 'originally one of the databases from the Snowflake breach' — but according to Hack Reads analysis, there are about 16 million more records in this breach than the previous one. AT&T also acknowledged the security researchers' doubts that this breach was linked to the original 2024 breach. 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024,' the company said in a statement. 'Affected customers were notified at that time. We have notified law enforcement of this latest development.' If you're an AT&T customer, it's possible your personal and private data could be part of the leak. Though if your data was leaked in this hack, it's likely because it was already unprotected in the August 2024 National Public Data breach, which exposed 'three decades' worth of Social Security numbers on the online black market.' To check if your information was leaked in that breach, you can check through Pentester, a cybersecurity firm, by going to and entering your information, which will allow you to see a list of your breached accounts. Security experts are also urging customers to keep an eye on their credit reports. AT&T said it 'offered credit monitoring and identity theft protection to those customers whose sensitive personal information was compromised as part of the notice in 2024.'
Time of India
10-06-2025
- Time of India
AT&T suffers massive breach: Hackers steal data of over 86 million customers; what the company said
AT&T has reportedly suffered a massive data breach, with hackers gaining access to the personal data of over 86 million customers. Currently, the telecom provider has nearly 100 million customers in the US, and hackers have reportedly uploaded the personal information of most of them on the dark web. According to a report from Hack Read, the leaked details include full names, dates of birth, phone numbers, email as well as physical addresses of AT&T customers. The report claims that more than 44 million Social Security Numbers were also reportedly part of the data leak. Individually, these data sets pose privacy risks; when combined, they could help in the creation of complete identity profiles for defraud or identity theft, the report adds The stolen data is reportedly fully decrypted. It was initially posted on a Russian cybercrime forum last month, and then re-uploaded to the same forum earlier this month. Hackers reportedly gained access to the data through accounts lacking multi-factor authentication. The report also connected the latest leak to an original hack attributed to the ShinyHunters group in April 2024. What AT&T said about the latest data breach In a statement to Hack Read, an AT&T spokesperson said: 'It is not uncommon for cybercriminals to re-package previously disclosed data for financial gain. We just learned about claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation.' by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Pinga-Pinga e HBP? Tome isso 1x ao dia se tem mais de 40 anos Portal Saúde do Homem Clique aqui Undo As per the report, the original seller of the exposed data claimed the leak is 'originally one of the databases from the Snowflake breach .' However, HackRead's analysis found this breach contains about 16 million more records than the earlier one. AT&T also acknowledged that security researchers had questioned any connection between this breach and the original 2024 incident. 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024. Affected customers were notified at that time. We have notified law enforcement of this latest development,' the company further noted. Users who want to check if their data was involved, you can use a tool from cybersecurity firm Pentester by visiting where entering your details will show a list of breached accounts. Security experts have also recommended customers to regularly monitor their credit reports. HP EliteBook Ultra Review: Thin, light, power in a premium package AI Masterclass for Students. Upskill Young Ones Today!– Join Now
New York Post
10-06-2025
- New York Post
Major data breach exposes 86 million AT&T customer records, sparking identity theft fears: SSNs among details breached by hackers
AT&T has experienced a massive personal data breach, so if you're one of the more than 100 million people who use the company, you'll want to be on guard. According to a new report from Hack Read, more than 86 million customers have been affected with leaked details ranging from full names to dates of birth, phone numbers, email addresses and physical addresses. It's reported that more than 44 million Social Security Numbers were also included in the data leak. While each of these data sets poses privacy risks on their own, together they could create full identity profiles that could be exploited for fraud or identity theft. The stolen data is reportedly fully decrypted and was first posted to a Russian cybercrime forum on May 15 before being re-uploaded on the same forum on June 3. Hackers reportedly accessed data by getting into accounts that lacked multi-factor authentication, and this leak appears to be linked to an original hack by the ShinyHunters group in April 2024. 'It is not uncommon for cybercriminals to re-package previously disclosed data for financial gain,' an AT&T spokesperson told Hack Read in a statement. 'We just learned about claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation.' The original seller of the exposed data claimed that this leak is 'originally one of the databases from the Snowflake breach' — but according to Hack Reads analysis, there are about 16 million more records in this breach than the previous one. The leak reportedly included full names, dates of birth, phone numbers, email addresses, physical addresses and social security numbers. AFP via Getty Images AT&T also acknowledged the security researchers' doubts that this breach was linked to the original 2024 breach. 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024,' the company said in a statement. 'Affected customers were notified at that time. We have notified law enforcement of this latest development.' If you're an AT&T customer, it's possible your personal and private data could be part of the new leak. Though if your data was leaked in this hack, it's likely because it was already unprotected in the August 2024 National Public Data breach, which exposed 'three decades' worth of Social Security numbers on the online black market.' 'After analysis by our internal teams as well as external data consultants, we are confident this is repackaged data previously released on the dark web in March 2024,' AT&T said in a statement. LightRocket via Getty Images To check if your information was leaked in that breach, you can check through Pentester, a cybersecurity firm, by going to and entering your information, which will allow you to see a list of your breached accounts. Security experts are also urging customers to keep an eye on their credit reports.
