AT&T is denying claims made by ShinyHunters that the personal data of 70 million customers has been stolen. ShinyHunter’s previous exploits have affected the likes of Microsoft, Dave, Tokopedia, Pixlr, Mashable, and Havenly, among others. ShinyHunter announced the breach on an underground hacking forum earlier this month. The threat group shared a small amount of data claimed to have been stolen from AT&T. They also offered to sell the whole database for the price of $1 million. Researchers at RestorePrivacy analyzed the sample of data allegedly stolen from AT&T’s databases. According to the cybersecurity firm, the data did appear to be authentic based on available public records.
RestorePrivacy also assessed that ShinyHunter’s history of major data breaches and exploits means that it is likely the breach actually occurred. However, the data has not yet been linked to AT&T customers specifically, it only appears to be valid. Researchers suspect that ShinyHunters was able to access customer data including names, phone numbers, physical addresses, email addresses, Social Security numbers, and birth dates. The hacking group claims that the information impacts customers in the United States.
Read More: AT&T Denies Data Breach