The information that leaked includes customers’ names, addresses, mobile phone numbers, social security numbers (encrypted), birth dates (encrypted), and more. Bleeping Computer and other cybersecurity research firms took a look at a sample of the data obtained by ShniyHunters and found that some of it was accurate. Back in 2021, AT&T told Bleeping Computer that the data leaked did not come from its computer systems. “Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems,” the wireless provider said that year.
Even today AT&T continues to deny that it was the source of the personal data telling Bleeping Computer that there is no evidence that it suffered a data breach. AT&T was asked by the website if there is a possibility that the data came from a third-party service provider or a vendor, but the carrier has yet to respond to that query.
Threat actor MajorNelson posts on hacking forum leaked data from AT&T customers
When Bleeping Computer told the “threat actor” back in 2021 that AT&T said that they were not the source of the leaked data, ShinyHunters said, “I don’t care if they don’t admit. I’m just selling.” At the time, the price to buy the data was said to be $1 million for all of it.
AT&T customers should continue to be on alert. Another “threat actor” using the name “MajorNelson” recently went on a hacking forum and leaked data for free. He claimed that this information came from the same data that ShinyHunters was looking to monetize back in 2021. The fact that some of the data was encrypted should not give affected AT&T customers a false sense of security. The report says that the “threat actors” were able to unencrypt the birth dates and social security numbers and added them to another file in the leak.
Bleeping Computer says that “all signs point to this being data of AT&T customers.” If you were an AT&T customer before and during 2021, be on the lookout for text messages that ask you to tap on links. Watch out for email phishing and other online correspondence that asks you to provide personal information. And if you receive a text or email about your SIM being replaced or swapped, call your carrier immediately if you did not request a new SIM card or eSIM.