Tech | Visa | Scholarship/School | Info Place

AT&T resets account passwords after millions of customer records leaked online

Telephone giant AT&T AT&T reset passwords on millions of customer accounts after a massive amount of data containing their customer records was leaked online earlier this month, TechCrunch has learned exclusively.

The U.S. telecom giant launched a mass password reset after TechCrunch informed AT&T on Monday that the leaked data contained encrypted passwords that could be used to access AT&T customer accounts.

A security researcher who analyzed the leaked data told TechCrunch that the encrypted account passwords were easily decipherable. TechCrunch notified AT&T of the security researchers’ findings.

“AT&T has launched a robust investigation with support from internal and external cybersecurity experts,” AT&T said in a statement provided Saturday. “Based on our preliminary analysis, the data set appears to be from 2019 or earlier. , affecting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.”

“AT&T has no evidence that unauthorized access to its systems resulted in the disclosure of the data set,” the statement said.

TechCrunch is holding off on publishing this story until AT&T begins resetting customer account passwords. AT&T also published an article on what customers can do to keep their accounts safe.

This is the first time AT&T has acknowledged that the leaked data belonged to its customers, nearly three years after hackers claimed 73 million AT&T customer records were stolen. AT&T denies that its systems were breached, but the source of the leak remains undetermined.

AT&T said Saturday that “it is unclear whether the data in these fields comes from AT&T or one of its vendors.”

In 2021, the hackers who claimed the AT&T data breach only released a small sample of records, making it difficult to check whether the data is authentic. In early March, a data seller posted the complete records of 73 million alleged AT&T online on a known cybercrime forum to allow for a more detailed analysis of the leaked records. AT&T customers have confirmed that their compromised account data is accurate.

The leaked data included AT&T customer names, home addresses, phone numbers, dates of birth and Social Security numbers.

The security researcher told TechCrunch that each record in the leaked data also contains AT&T customer account passwords in encrypted format. The researchers demonstrated to TechCrunch during a video call how they interpreted the data into plain text account passwords.

The researchers double-checked their findings by looking for records in the leaked data against AT&T account passwords known only to them.

This is breaking news. More coming soon…

#ATT #resets #account #passwords #millions #customer #records #leaked #online

Leave a Reply

Your email address will not be published. Required fields are marked *