Telecommunications giant AT&T has revealed that it has suffered a massive data breach involving the personal data of 73 million current and former customers.
AT&T says the data appeared on the dark web about two weeks ago, adding that it appears to be “from 2019 or earlier.” “It is not yet clear whether the data in these areas comes from AT&T or its vendors,” the company added.
The good news is that it “doesn’t contain any personal financial information or call history.”The bad news is that do This includes the customer’s name, home address, phone number, date of birth, social security number, and encrypted passcode.
The company says its current 7.6 million affected customers have had their passcodes reset, but there is clearly little that can be done about the data used for identity theft.
A page on the official website states, “Individuals whose sensitive personal information has been compromised will be contacted individually and provided free identity theft and credit monitoring services,” which states that “Individuals whose sensitive personal information has been compromised will be contacted individually and provided free identity theft and credit monitoring services,” and will provide information on the safety of AT&T accounts. You can also find more information on how to maintain it here. The aftermath of a data breach.
Passcode instead of password
It is important to note that the data includes the pathcoderather than passingwords. A passcode is a number (usually his four digits) that is used to increase security when accessing a customer’s account over the phone, in-store, or online.
So while this breach may not be as immediate a threat to our 65.4 million former customers, affected users still need to be wary if their other passcodes replicate this combination. there is.
This is because there may be enough data in the breach to guess the PIN. Security researcher Sam Crowley told TechCrunch that because customers frequently use numbers associated with four-digit passcodes, it is possible to scramble passcode data without using an encryption cipher. There is a possibility that it will be cancelled. In other words, Social Security, phone numbers, and home numbers can all be compromised at the same time, so there are many ready-made combinations for criminals to try.
Stories of the breach first surfaced earlier this month on the X account @vx-underground. claimed More than 70 million records were reportedly leaked to Breached. AT&T suggested at the time that this was likely a rehash of the dataset it rejected in 2021.
The year has gotten off to a tough start for telecom companies. Last month, the company was forced to deny that a nearly day-long outage was the result of a cyberattack.
