August 23, 2021

AT&T has denied it suffered a data breach after a notorious threat actor claimed to be selling a database containing the personal data of 70 million subscribers.

The threat actors, known as ShinyHunters began selling this database on a hacker forum last weekend with a starting price of $200,000 and incremental offers of $30,000.

Of the samples shared by the hackers, the database contained the names, addresses, telephone numbers, social security numbers and dates of birth of customers.

Apart from that, not much is known about the database and how it was acquired or whether it is authentic.

ShinyHunters is a notorious hacking group with a long history of compromising websites and developer databases to steal login credentials or API keys. This authentication is then used to steal client databases, which they then sell directly to other hackers or through a middle-man data breach seller.

In some cases, if a database is not sold, ShinyHunters will publish it for free on hacker forums.

In a series of emails, AT&T has denied that the data came from its systems and that it was not recently breached.

When asked if the data could come from a third-party provider, AT&T declined to speculate.

ShinyHunters says they have not contacted AT&T, but they are willing to “negotiate” with the wireless carrier.

The news comes shortly after another hacking group tried to sell the stolen data of 100 million T-Mobile customers.

T-Mobile has confirmed that they were hacked, and the cyberattack has brought to light the personal data of about 48 million T-Mobile customers.

For more information, read the original story in BleepingComputer.