Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
AT&T Notifying Customers About Massive Data Leak
- Thread starter MacRumors
- Start date
- Sort by reaction score
AT&T is tone death, just like all the others who suffer data leaks. All they are concerned about is passwords being leaked. Passwords have no value anymore, the customers ID data is more valuable because it can be used for ID theft and fraud. This is how fraudulent bank accounts get opened and credit cards get ordered.
Okay, here is a well written article on the topic from two weeks ago.
www.bleepingcomputer.com
AT&T says leaked data of 70 million people is not from its systems
AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.
Just read the link you provided. What is concerning is that AT&T appears to be adamant that the leak did not come from their systems but what is extremely worrying is what AT&T is not telling anyone and that is if the leak did not come from then then just who exactly is AT&T allowing to have access to their customer data. Because two things are happing here, AT&T is lying and the leak did come from them OR AT&T is allowing one of their partners/vendors total access to their customer database, a partner/vendor who clearly has a weak security system in place and therefore should not be having access to AT&T customers data.Okay, here is a well written article on the topic from two weeks ago.
AT&T says leaked data of 70 million people is not from its systems
AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company.
AT&T will still be at fault here because even if the data leak did not come from them, from the checks the media have done, it clearly is account data of their customers which means AT&T is giving someone access to their customer database and if that is the case, what due diligence checks did AT&T do on their partners/vendors to make sure they had adequate security in place to prevent any data leaks.
You want to know how bad the social security number system is? Numbers weren’t randomized until 2011! If you know when and where someone was born with a birthday prior to June 25, 2011, you can figure out the first two sets. The last 4 are sequential. So if you know people born in the same area around the same time, you can guess their entire SSN within a few digits if you learned the last 4 of one of the people in that group.
It is a little trickier than that, it’s not when and where they were born, it is when and where they applied for a SSN.
Unless it's the only option in your area that you can get a signal, there's no reason to use AT&T. Verizon and T-Mobile are faster and have better perks. And have less baggage.
I still have yet to see my $5 credit for that outage. With something like this data breach we should be getting a couple months service for free minimum!!!
James
Really?! Where did you go, then?
T-Mobile has already had at least 2 recent hacks/leaks?
Verizon (and AT&T) actively sell your data (including live/historical location data)
There's nowhere to go to avoid this.
2FA means nothing here. The hack may have been from other means, hacking an unsecured database were all the data was stored for example.
Not surprised.
Their point of sale/operations system, OPUS, is a joke. Constantly has broken features, crashing, it’s slow, and I’m sure doesn’t safeguard the private information put into it.
Between this, their terrible systems, the outage, the stock, and the fact that they keep killing retail stores —- one can only hope the CEO’s seat is getting warmer by the day.
Their point of sale/operations system, OPUS, is a joke. Constantly has broken features, crashing, it’s slow, and I’m sure doesn’t safeguard the private information put into it.
Between this, their terrible systems, the outage, the stock, and the fact that they keep killing retail stores —- one can only hope the CEO’s seat is getting warmer by the day.
Mega corporation knows is cheaper to pay a government fine then actually paying for expensive data encryption tech. They also know after the initial outrage, customers will stay with them. Because where can you go when you only have two other options? And we know T-Mobile is notorious for data breach.
JMHO but people should freeze their credit by default, and then only thaw them temporarily for specific credit application purposes. It's free and easy. Just takes a modicum of forethought & planning, which I know is out of style today.
Monitoring is also wise - but it doesn't have to cost anything since some credit card providers do some basic monitoring as an included benefit.
I agree. Only remove the freeze for the limited time it takes to permit the processing.
Internet too. I have Gigapower with them and got an email about it. No cell service or anything else.
Yup. Mine is frozen until we go to get pre-approved for a new house.
"PureTalk Holdings, Inc. is an American mobile virtual network operator headquartered in Covington, Georgia, United States with two other offices located in Fort Lee, New Jersey and Atlanta, Georgia. It resells wireless service over the AT&T Mobility network."
IMHO there's two sorts of people in the world:
- those whose info has been exposed in a data leak
- and those who just think their info hasn't been exposed in a data leak
I routinely get alerts from credit monitoring service that my email or phone has been found on the dark web. So far I haven't gotten an alert about address or SSN or DoB. Although these have been leaked in prior breaches per notification from various companies.
Anyone get alerts from credit monitoring that their sensitive data such as SSN is on the dark web?
Anyone get alerts from credit monitoring that their sensitive data such as SSN is on the dark web?