Latest news with #ShinyHunters
Yahoo
a day ago
- Yahoo
Hackers leak 86 million AT&T customer records with 44 million social security numbers, report says
If you are one of the more than 100 million people who use AT&T, you might want to take stock of your data. Hackers said they accessed and leaked millions of AT&T customers' private information after the ShinyHunters group allegedly stole the data in April 2024, according to a new report from Hack Read. The report claimed some 86 million AT&T customer records have been leaked, including full names, dates of birth, phone numbers, email addresses, physical addresses, and social security numbers. In total, Hack Read reported that 44 million social security numbers were included in the leaked data. The social security numbers and birth dates were encrypted in the original hack by the ShinyHunters group, a leak that was made possible by security flaws in the Snowflake cloud data platform, as Mashable previously reported. Now, Hack Read has reported that this sensitive data is now decrypted. We asked AT&T about the reported leak of their customer data. An AT&T spokesperson told Mashable in a statement that "it is not uncommon for cybercriminals to re-package previously disclosed data for financial gain." "We are aware of claims that AT&T data is being made available for sale on dark web forums, and we are conducting a full investigation," the spokesperson added. So, if you're an AT&T customer, this means your valuable private data could be part of this new leak. However, if your data was exposed in this leak, it was likely — although not certainly — already exposed in the August 2024 National Public Data breach. Mashable previously reported on this breach, which exposed "three decades' worth of Social Security numbers on the online black market." You can find out if your data was exposed in that breach by using a tool from Pentester, a cybersecurity firm, to check. Visit enter your information, and see your list of breached accounts.
Tom's Guide
2 days ago
- Tom's Guide
New AT&T data leak links previously exposed info to Social Security numbers, birth dates
In a trend that absolutely no one wants to get behind, another older data leak has been paired with additional customer information to get re-released as a new data leak to expose even more customer info and personal details. As reported by BleepingComputer, an old 2021 AT&T data leak which contained millions of phone numbers has been linked with Social Security numbers and birth dates of the individual users. The company has stated that cybercriminals will commonly repackage previously disclosed data for financial aim, which is what they believe is happening here, and that when they learned of the data going up for sale on the dark web they began a full investigation. While the threat actor who leaked the data onto a popular Russian-speaking hacking forum claimed it was the data stolen during the 2024 AT&T 'Snowflake' cyberattack, which is what was initially reported by HackRead. However, after BleepingComputer analyzed the exposed information, the news outlet determined it was actually from the 2021 data leak which was caused by a hacker dubbed 'ShinyHunters.' This is not the first time the 2021 ShinyHunters data has been leaked or even linked to additional personal information. For instance last year, the data was leaked along with names, addresses, mobile phone numbers, encrypted date of birth, encrypted Social Security numbers and more. This leak has cleaned up that data to remove internal AT&T information and added the unencrypted Social Security numbers and dates of birth to each customer record. There are reportedly over 86 million unique records of this nature, with more than 48 million unique phone numbers that have associated customer information. This is due to customers having multiple records with the same phone number being used at different addresses. Not sure if you were one of the customers affected by these breaches? At this point, if you're an AT&T customer, you should be taking steps to see if you've been affected and then to lock down your own data in order to keep yourself safe. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. As with all data breaches, the biggest threat will be phishing attacks and online fraud. Now that hackers can easily figure out your identity, they might try to reach out to you posing as AT&T. That means you'll need to be extra careful when checking your inbox and messages. Avoid clicking on links or downloading attachments from unknown senders as hackers often set up fake pages to steal your credentials, credit card data and other sensitive info. For this reason, you want to go directly to AT&T's page instead of clicking on any links on search results, social media or even ads that claim to take you to it. If you haven't signed up for one of the best identity theft protection services, now might be a good time to look into them. You can also consider putting fraud alerts on your files with the Big Three credit-reporting agencies Equifax, Experian and TransUnion, and even instituting a credit freeze (although doing so can complicate getting a loan or opening new payment accounts). This 2021 data leak seems to be the gift that keeps on giving for hackers, so I wouldn't be surprised if this stolen info is used in future attacks. Don't worry though as we'll be keeping a close eye on this one.
