Researchers from vx-underground initially discovered that more than 70 million records allegedly belonging to AT&T were leaked on the Breached hacking forum.
The leaked data, confirmed to be legitimate by the researchers, originates from an unspecified division of AT&T. However, it remains unclear whether the information was obtained directly from AT&T or a third-party organization associated with the telecom giant.
The seller, identified as MajorNelson, claims that the data was acquired from an unnamed AT&T division by @ShinyHunters in 2021. The archive contains a staggering 73,481,539 records.
vx-underground emphasized that the data was stolen in 2021 but was only leaked online recently.
ShinyHunters, a well-known hacking group, has previously offered for sale data stolen from numerous major organizations, including Tokopedia, Homechef, Chatbooks.com, Microsoft, and Minted.
In August 2021, ShinyHunters purportedly possessed a database containing private information on approximately 70 million AT&T customers. Despite the company's denial of the data breach, the threat actors claimed to offer access to the database for a substantial sum.
RestorePrivacy, a website that examined a sample of the leaked data, found that it contained sensitive information such as names, phone numbers, physical addresses, email addresses, social security numbers, and dates of birth. While the exact origin of the data remains unconfirmed, everything analyzed by RestorePrivacy appeared to be valid.
Despite the denial of a data breach by AT&T, the company stated that the information appearing in internet chat rooms does not seem to have originated from its systems. However, ShinyHunters expressed readiness to assist AT&T in enhancing its system security in exchange for a reward.