If I had to rank leaks, I’d say a leaky faucet is the second worst leak, behind the most devastating of all cracks: data leaks. And, boy, do we have a data breach on our hands.
A large amount of AT&T customer data, including Social Security numbers and encrypted passwords that could be used to access customer accounts, was leaked online in March, forcing the telecom giant to reset millions of customer account passwords. TechCrunch has learned exclusively. TechCrunch told AT&T that a security researcher analyzed the leaked data and told the news outlet that the passwords were “easily decipherable.”
AT&T told TechCrunch that there is currently no evidence that anyone used the data breach to access customer information and accounts.
The ‘Mother of Data Breach’ Has Exposed 26 Billion Records, But Don’t Panic
In response, AT&T told the outlet: “AT&T has launched a robust investigation with support from internal and external cybersecurity experts. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, affecting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.”
Cybersecurity researcher Troy Hunter told The Associated Press Although this particular data breach popped up on hacker forums two weeks ago, it looks a lot like a 2021 breach that AT&T never acknowledged. Hunter said AT&T could face a class-action lawsuit if it evaluates the breach and “makes a poor judgment call and we don’t notify affected customers for several years.”
in a Statement on AT&T websitethe telecommunications company encourages customers to stay safe by “monitoring account activity and credit reports” and setting up “free fraud alerts from the national credit bureaus – Equifax, Experian and TransUnion.”