Zack Whittaker reports:
Phone giant AT&T has reset millions of customer account passcodes after a huge cache of data containing AT&T customer records was dumped online earlier this month, TechCrunch has exclusively learned.
The U.S. telco giant initiated the passcode mass-reset after TechCrunch informed AT&T on Monday that the leaked data contained encrypted passcodes that could be used to access AT&T customer accounts.
A security researcher who analyzed the leaked data told TechCrunch that the encrypted account passcodes are easy to decipher. TechCrunch alerted AT&T to the security researcher’s findings.
Read more at TechCrunch.
Current and former AT&T customers would have every right to feel infuriated with AT&T. In 2021, when data were first put up for sale on BreachForums by “ShinyHunters,” AT&T denied that the data came from their system or that they had had any breach. They did not rule out that it was customer data that came from a vendor’s system, but never seemed to follow up by contacting all vendors and then reporting back to the public on any findings. For their part, the threat actors never did say where or how they had obtained the data.
Now the data were being leaked again, HaveIBeenPwned added 49 million records to its site, and AT&T has announced a “robust investigation,’ adding that “it is not yet known whether the data in those fields originated from AT&T or one of its vendors.”
Why didn’t this all happen in 2021?