AT&T seems to be the talk of the town after it became the target of hackers who stole massive customer call and text data records recently. This is not the first time a breach of this scale has happened, as salient consumer information has been compromised on various occasions despite the company’s vigorous attempts to ensure consumer data privacy. More information has surfaced about the recent hack that stole the personal records of over 110 million consumers and the company’s ongoing efforts to protect them.
After the massive AT&T consumer data hack, the company paid $370,000 as a ransom to one of the hackers to delete the data
AT&T disclosed the data breach by hackers last week, which exposed records of nearly all consumer call and text records, signifying the urgent need for measures to ensure data security. As per a recent report, the company has made a Bitcoin payment as a ransom for deleting the stolen data.
Wired shared details regarding the exchange between AT&T and the hacker, who originally demanded $1M in bitcoins. The final amount was brought down to $370,000 and paid in bitcoins, with the company requesting the hacker to send videos of deleting the data as proof of the deal. A security researcher who was part of ongoing exchanges between the two parties confirmed the transaction and provided evidence for it.
It is said that the hacker was part of a hacking team called Shiny Hunters, which was first mentioned in 2020 and later gained attention for its large-volume data breaches. The hacking team has a reputation for obtaining data of consumers associated with big companies and then asking for payment against it. If they do not receive a payment, they tend to sell the data on sites, making it available to the public and putting the consumers at major risk.
The hacker, who is part of the notorious ShinyHunters hacking group that has stolen data from a number of victims through unsecured Snowflake cloud storage accounts, tells WIRED that AT&T paid the ransom in May. He provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it.
Wired also confirmed the ransom was paid in May and involved 5.7 bitcoins being sent to a specific account in return for data deletion. AT&T claimed the data was accessed through an unsecured third-party cloud platform called Snowflake, which also compromised other companies’ data.
Even though AT&T is actively dealing with this security threat and ensuring consumer records are no longer with hackers, there remains an air of fear regarding the possibility of some data being retained by cybercriminals.