Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Cyber Crime

AT&T suffered a data breach,users urge to change passcode

The American multinational giant AT&T confirmed to have suffered a data breach last April, personal data of an unknown number of users was exposed. The American multinational telecommunications corporation AT&T confirmed to have suffered a data breach last April, personal information of an unknown number of users was accessed by employees of one of its contractor. AT&T […]

AT&T

FILE – In this July 11, 2013 photo, a man uses a cell phone as he walks past an AT&T store in New York. AT&T reports quarterly earnings on Tuesday, Jan. 28, 2014. (AP Photo/Mark Lennihan, File)

The American multinational giant AT&T confirmed to have suffered a data breach last April, personal data of an unknown number of users was exposed.

The American multinational telecommunications corporation AT&T confirmed to have suffered a data breach last April, personal information of an unknown number of users was accessed by employees of one of its contractor.

AT&T has already notified some of its mobile customers of the data breachSocial Security numbers, birth dates and call records of an unknown number of users between April 9 and 21 were exposed.

AT&T databreach

AT&T sent a notice to the California Attorney General explaining the dynamic of the incident, the contractor’s employees who were responsible for the data breach were already terminated.

“We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization,”  “This is completely counter to the way we require our vendors to conduct business.”

“We know our customers count on us and those who support our business to act with integrity and trust, and we take that very seriously,” AT&T continued. “We have taken steps to help prevent this from happening again, notified affected customers, and reported this matter to law enforcement.” AT&T said in an official statement.

It seems that the attackers were interested to request codes that can be used to unlock AT&T phones. An account could be unlocked by AT&T when the following conditions are respected:

  • the user’s account has been active for at least 60 days.
  • the account is in good standing.
  • the account has no unpaid balance.
  • the account has fulfilled his or her service agreement commitment.

AT&T believes the employees accessed your account as part of an effort to request codes from AT&T that are used to unlock AT&T mobile phones in the secondary mobile phone market so that those devices can then be activated with other telecommunications providers.” reported AT&T in the notice. 

AT&T, to preserve its customers, announced that it is offering affected accounts a year of free credit monitoring and is recommending that people change the passcode.

Pierluigi Paganini

(Security Affairs –  AT&T, data breach)