If I had to rank leaks, I’d say a leaky faucet is the second worst leak, bested only by the most devastating of all fissures: the data leak. And, boy, do we have a data leak on our hands.
A huge cache of customers’ data, including Social Security numbers and encrypted passcodes that could be used to access customer accounts, was dumped online in March, forcing the telco giant to reset millions of customer account passcodes, . After a security researcher analyzed the leaked data and told the news outlet that the passcodes were “easy to decipher,” TechCrunch told AT&T.
AT&T told TechCrunch that there isn’t any evidence just yet that anyone used this data leak to access customer’s information and accounts.
In response, AT&T told the outlet: “AT&T has launched a robust investigation supported by internal and external cybersecurity experts. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.”
that while this particular data leak popped up on a hacking forum just two weeks ago, it looks a whole lot like a 2021 data breach that AT&T never acknowledged. Hunt said that if AT&T assesses the leak and “made the wrong call on it, and we’ve had a course of years pass without them being able to notify impacted customers,” then the company could be on the hook for class action lawsuits.
In a , the telco company encourages customers to take safety into their own hands by “monitoring account activity and credit reports” and setting up “free fraud alerts from nationwide credit bureaus — Equifax, Experian, and TransUnion.”
Related Posts
