Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Tuesday April 02, @06:33AM   Printer-friendly
from the please-reset-my-social-security-number dept.

AT&T Says Data From 73 Million Current, Former Account Holders Leaked

AT&T says data from 73 million current, former account holders leaked:

AT&T notifies users of data breach and resets millions of passcodes:

Inside the Massive Alleged AT&T Data Breach:

AT&T said it has begun notifying millions of customers about the theft of personal data recently discovered online.

The telecommunications giant said Saturday that a dataset found on the "dark web" contains information such as Social Security numbers for about 7.6 million current AT&T account holders and 65.4 million former account holders.

The company said it has already reset the passcodes of current users and will be communicating with account holders whose sensitive personal information was compromised.

It is not known if the data "originated from AT&T or one of its vendors," the company said in a statement. The compromised data is from 2019 or earlier and does not appear to include financial information or call history, it said. In addition to passcodes and Social Security numbers, it may include email and mailing addresses, phone numbers and birth dates.

While the data surfaced on a hacking forum nearly two weeks ago, it closely resembles a similar data breach that surfaced in 2021 but which AT&T never acknowledged, said cybersecurity researcher Troy Hunt.

"If they assess this and they made the wrong call on it, and we've had a course of years pass without them being able to notify impacted customers," then it's likely the company will soon face class action lawsuits, said Hunt, founder of an Australia-based website for warning people when their personal information has been exposed.


Original Submission #1Original Submission #2

This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 2, Informative) by Anonymous Coward on Tuesday April 02, @06:39AM (3 children)

    by Anonymous Coward on Tuesday April 02, @06:39AM (#1351312)

    The compromised data is from 2019 or earlier

    So they've reset your password now, in 2024! Great! How helpful.

    • (Score: 2) by JoeMerchant on Tuesday April 02, @01:13PM (2 children)

      by JoeMerchant (3937) on Tuesday April 02, @01:13PM (#1351337)

      "If they assess this and they made the wrong call on it, and we've had a course of years pass without them being able to notify impacted customers," then it's likely the company will soon face class action lawsuits

      Couldn't happen to a more deserving lot of arrogant pricks. I gave them my last double-barrel brush-off in 2016, they've had the good sense to stop "offering me great deals" since then.

      --
      🌻🌻 [google.com]
      • (Score: 2) by captain normal on Tuesday April 02, @05:32PM (1 child)

        by captain normal (2205) on Tuesday April 02, @05:32PM (#1351374)

        This is near a head scratching moment for me. I last had a physical copper pair ATT land line in 2008, and all my DSL and data accounts were with other providers. These data providers used ATT wires. Wonder which law firm is going for the class action suit?
        The other question is WTF is any organization doing holding on to information from old accounts for so long? Of course, ATT's legal corp will delay this for up to a decade. Plus one would have to show actual financial loss to collect.
        Don't wonder why I hate monopolist giant TELCOs.

        --
        Everyone is entitled to his own opinion, but not to his own facts"- --Daniel Patrick Moynihan--
        • (Score: 2) by JoeMerchant on Tuesday April 02, @07:51PM

          by JoeMerchant (3937) on Tuesday April 02, @07:51PM (#1351399)

          >ATT's legal corp will delay this for up to a decade

          Yep, their PR department has already delayed it for 5.

          --
          🌻🌻 [google.com]
  • (Score: 3, Interesting) by jasassin on Tuesday April 02, @01:46PM (1 child)

    by jasassin (3566) <jasassin@gmail.com> on Tuesday April 02, @01:46PM (#1351343) Homepage Journal

    SSN's were stolen? Wow! Someone brought in a flash drive, dumped a table, went out for a smoke break and came back with the goods to ruin millions of peoples lives, and they don't know who pulled the table or what the fuck is even going on (it happened in 2019 [or earlier] and they just found out). FUCK YOU AT&T! If someone pulled some identity theft on me after something like this... I'm sorry but a class action lawsuit isn't going to cut it. As a matter of fact, I'm not sure any lawsuit would cut it. I won't say what would cut it, because I don't want to end up on a list.

    I'm so glad I was never an AT&T customer (and never will be).

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
    • (Score: 2) by DannyB on Tuesday April 02, @02:33PM

      by DannyB (5839) Subscriber Badge on Tuesday April 02, @02:33PM (#1351347) Journal

      If you never signed an agreement with AT&T, then you mist the fine print. The signer would give AT&T the right to harvest their organs in the middle of the night, along with the organs of any family members. While wealthy people might hire guards to protect themselves at night, they need to be aware that AT&T agents have the ability to take on human form.

      --
      When trying to solve a problem don't ask who suffers from the problem, ask who profits from the problem.
  • (Score: 2) by Username on Tuesday April 02, @01:48PM

    by Username (4557) on Tuesday April 02, @01:48PM (#1351344)

    The people getting paid peanuts to deal with customers have all of that. Also the NSA and FBI, both that leak more than private companies.

  • (Score: 3, Insightful) by sjames on Tuesday April 02, @05:53PM

    by sjames (2882) on Tuesday April 02, @05:53PM (#1351384) Journal

    It's time to take "identity theft" out back and shoot it.

    There is no such thing as identity theft really. Some bank handed a wad of cash to J. Random Fraudster based on information that can be found everywhere and anywhere. Not my problem, not my debt. Attempting to collect it from me should be counted as fraud. I do not owe them money, I do not owe them my time or energy to help solve their little problem. I had nothing to do with it. Reporting it as adverse information about my credit worthiness should be libel. End of story.

    Credit agencies better figure out how to separate the wheat from the chaff, go into a new line of work, or be prosecuted as a criminal enterprise (what else do you call a business that makes money by committing mass libel?).

(1)