Excerpt from Cyber Security News Article, Published on July 15, 2024
In a significant AT&T Data Breach, the telecommunications giant paid a hacker approximately $370,000 to delete stolen customer records. The hacker, linked to the infamous ShinyHunters group, initially demanded $1 million but accepted the lower sum after negotiations. The breach, occurring between April 14 and April 25, 2024, involved unauthorized access to AT&T’s data on a third-party cloud platform. Compromised data included call and text metadata from May 1 to October 31, 2022, and some records from January 2, 2023. While the breach did not reveal call or message content, it exposed phone numbers, communication dates, call durations, and some cell site IDs, potentially disclosing user locations.
The hacker’s deletion of the stolen data was verified through a video demonstration. The negotiations were mediated by a security researcher known as Reddington, who also received compensation from AT&T. Despite the data deletion, residual risks remain, as other entities might still possess fragments of the stolen information, posing ongoing security threats.
The breach’s disclosure was delayed due to potential national security concerns, with the Department of Justice granting AT&T exemptions to postpone public notification. This allowed the FBI to conduct a thorough assessment. The incident highlights the challenging decisions companies must make when confronted with sophisticated cyber threats.
AT&T’s decision to pay the ransom underscores the growing impact of cybercrime on major corporations. The FBI and other security agencies continue to evaluate the breach’s full extent and its implications. This AT&T Data Breach serves as a stark reminder of the vulnerabilities in modern digital infrastructure and the importance of robust cybersecurity measures to protect sensitive customer information.
To delve deeper into this topic, please read the full article on Cyber Security News
