News

AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach

Telecommunications giant AT&T denied any connection to a database of stolen information that included the Social Security numbers of 23 million Americans.

First reported by Brian Krebs, Milwaukee cybersecurity company Hold Security said it found a 3.6 GB file on a dark web platform that contained Social Security numbers and information belonging to 23 million people. 

The security company told Krebs that there is a trove of evidence tying the database to AT&T, including email addresses ending with “att.net,” “SBCGLobal.net” or “Bellsouth.net” as well as links to an obscure AT&T broadband service and location data tying the information to the 21 states where AT&T operates.

An AT&T spokesperson told The Record that the information “does not appear to have come from” their systems, adding that it “may be tied to a previous data incident at another company.”

“It is unfortunate that data can continue to surface over several years on the dark web. However, customers often receive notices after such incidents, and advice for ID theft is consistent and can be found online,” the spokesperson said. 

The spokesperson added that the batch of data has “surfaced several times over the years and based on our continued forensic analysis it does not appear it came from us.”

“It may be associated with a previous data incident at a credit agency. Potentially affected customers would have received a notice at that time, directing them to the credit agency for more information. We have a dedicated team that does forensic analysis on data such as this and based on that work we can determine if data originates from us or somewhere else.”

AT&T did not clarify what they meant and did not respond to requests for comment about what credit agency may have been breached.

But last year, BleepingComputer reported on well-known hacking group ShinyHunters selling a database of stolen information on a dark web forum that had the sensitive information of more than 70 million AT&T customers.

AT&T similarly denied that that breach was connected to their customers but the hacker confirmed to the news outlet that the data was stolen from the telecommunications company. The database was being auctioned off for $200,000 or an immediate sale price of $1 million. 

DataBreaches.net noted two weeks ago that an alleged member of ShinyHunters was arrested in Morocco after an Interpol red notice was issued following a request from a Washington State prosecutor.

Jonathan Greig

Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Recent Posts

TikTok could face £27 million fine for failing to protect UK children’s privacy

Social media platform TikTok could face a fine of £27 million after an investigation by…

4 hours ago

IBM expands HBCU cybersecurity center program to 20 schools

IBM announced this week that it will be expanding its collaboration with Historically Black College…

4 hours ago

US Treasury carves out Iran sanctions exceptions for internet providers

The U.S. Department of Treasury said it is carving out exceptions within its stifling sanctions…

2 days ago

US Nuclear Security Administration criticized by watchdog over cybersecurity failures

The U.S. agency that maintains and modernizes the country’s nuclear stockpile was criticized by a…

3 days ago

Log4j: Senators introduce bill centered on CISA open source security efforts

A bipartisan group of senators introduced a new bill this week intended to address the…

3 days ago

7-year Android malware campaign targeted Uyghurs: report

The Uyghur community was targeted with an Android-based malware campaign for over seven years, according…

3 days ago