Update 1: Well, this is interesting. The thread has been deleted. Was ShinyHunters scamming or is something else up? Right now, it looked like it was a scam, but I received a message from Shiny that an admin had deleted the thread, so still stay tuned, I guess.
Update 2: Another mod has since restored the thread.
Update 3: AT&T press office gave this site a statement in response to our inquiry:
Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems.
————– original post:
The well-known threat actor known as ShinyHunters has just blown up news by posting an offering for customer data on 70 million AT&T customers that includes their SSN and date of birth.
The listing appeared on a popular forum where data is sold and traded.
The starting price requested is $200,000.00 with a minimum step of $30,000.00 in bidding.
Unlike the T-Mobile which was described as having some hacktivist purpose, the AT&T incident appears purely for commercial purposes.
AT&T did not immediately reply to a request for comment on the listing and claims. Technically, then, this claim is still unconfirmed, but I will be surprised if it is not confirmed.
This post will be updated when a response from AT&T is received.
As updated at the top of this post, AT&T states the data does not appear to come from their systems.