©Syda Productions via Canva.com
AT&T Resets Account Passcodes After Big Leak of Millions of Customer Records Online
April 1, 2024
The telecommunications giant AT&T is resetting millions of customer account passcodes due to a huge leak of records online earlier this month.
AT&T started the large-scale passcode reset after being notified by TechCrunch last week that the leaked data held encrypted passcodes that could potentially be used to access AT&T customer accounts.
A security researcher who analyzed the leaked data revealed that the encrypted account passcodes were easily decipherable. TechCrunch promptly alerted AT&T to the security researcher’s findings.
AT&T said in a statement on Saturday, “AT&T has launched a robust investigation supported by internal and external cybersecurity experts. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.”
The company added in the statement, “AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set.”
AT&T has shared a post on its website to help customers keep their accounts secure.
A large number of passcodes for AT&T customers are four digits, and they’re used as a second layer of security when getting into a customer’s account.
This marks the first time the telecoms giant has acknowledged that “the leaked data belongs to its customers, some three years after a hacker claimed the theft of 73 million AT&T customer records.” AT&T denied the breach at the time. The matter was not resolved or concluded with a definitive outcome.
On Saturday, AT&T said that “it is not yet known whether the data in those fields originated from AT&T or one of its vendors.”
Three years ago, the hacker claimed that the AT&T breach only exposed a small portion of records, making it an uphill battle to verify the authenticity of the data. However, toward the start of March this year, a data seller published the entire alleged 73 million AT&T records on a prominent cybercrime forum, leading to a more comprehensive analysis of the leaked data. Meanwhile, AT&T customers have verified the accuracy of their leaked account information.
The personal data leaked were customer names, phone numbers, dates of birth, home addresses, and Social Security numbers.
According to security researcher, Sam “Chick3nman” Croley, each record within the leaked data consisted of the AT&T customer’s account passcode in an encrypted format. Croley consolidated his findings by cross-referencing records in the leaked data with AT&T account passcodes known exclusively to him. Croley said that cracking the encryption cipher was unnecessary to decipher the passcode data.
Recent News
Godfather of AI Suggests a Universal Basic Income
Renowned computer scientist Professor Geoffrey Hinton is advocating for urgent governmental intervention amidst rising concerns over AI-induced job displacement and widening inequality. His expert opinion is not to be taken lightly since he is often hailed as the “godfather of artificial intelligence.”
Ducati Honors Ayrton Senna with Limited Edition Monster
As Formula 1 drivers gear up for the Imola circuit this weekend, Ducati has unveiled a special limited edition Monster to honor Ayrton Senna, marking 30 years since his tragic passing on this track. This isn’t just a commemorative piece; Senna had a deep connection with Ducati, having been both a fan and a collaborator with the brand.
Elon Musk in Bali to Launch Starlink Satellite Internet Service
Elon Musk, the visionary entrepreneur behind Tesla and SpaceX, touched down in Indonesia’s picturesque island of Bali on Sunday, embarking on a mission to introduce Starlink satellite internet service to the vast archipelago nation.
Blue Origin Relaunches Space Tourism
Blue Origin made a triumphant return to space tourism with the launch of its New Shepard rocket, marking the end of a nearly two-year hiatus. The NS-25 mission, which took off at 9:36 a.m. CT (10:36 a.m. ET) on Sunday, May 19, from Blue Origin’s private facility in West Texas, was the company’s seventh crewed flight and the first since a failed uncrewed test flight in September 2022.