Hacker gives out 70 million stolen AT&T user records


A leaked database with more than 70 million records, allegedly stolen from AT&T, is available almost for free on the illicit marketplace BreachForums. Some researchers confirm that the data is legitimate, but it's unclear how the hackers got their hands on it.

The seller claims that the data was obtained by a criminal group, ShinyHunters, in 2021. The data has previously appeared publicly.

Cybernews reported in 2022 that ShinyHunters wanted at least $200,000 for 70 million records that allegedly belonged to AT&T. Back then, AT&T denied claims that the data was leaked, suggesting that it was either inauthentic or gathered from other sources.

Now, the database has been posted by a seller under the alias MajorNelson and could be illegally obtained by anyone for just eight BreachForum credits, worth about two euros.

According to the seller, the database contains 73,481,539 lines. The provided sample includes full names, physical addresses, emails, phone numbers, Social Security numbers (SSN), dates of birth, and other information.

The hackers claim that they decrypted SSN and date of birth values and provided them with the leaked files. According to other users on the forum, the total file size is almost 5GB.

AT&T is the largest wireless carrier in the US and the fourth-largest telecommunications company, in terms of revenue, globally.

Researchers at vx-underground, who reviewed the leak, confirmed that the stolen data appears legitimate.

“No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from,” they posted on X.

Other researchers shared similar insights: the data seems to be accurate, and many exposed users appear to have AT&T accounts. However, the researchers were unable to confirm if the data was obtained from AT&T.

We have no indications of a compromise of our systems. We determined in 2021 that the information offered on this online forum did not appear to have come from our systems. We believe and are working to confirm that the data set discussed yesterday is the same dataset that has been recycled several times on this forum,” a spokesperson at AT&T told Cybernews.

Updated on March 18th [01:15 p.m. GMT] with a statement from AT&T.


More from Cybernews:

The curse of convenience: where does it all end?

McDonald's addresses system outage, blames third-party provider

FTX swindler Sam Bankman-Fried deserves 40-50 yrs in prison, prosecutors say

MarineMax yacht dealer latest luxury retailer cyberattack

Uh, robot: stuttering Figure 01 sends viewers into uncanny valley

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked