AT&T Paid $370,000 to Hacker to Ensure Records are Deleted

In a recent development, AT&T has reportedly paid $370,000 to the hacker responsible for breaching their systems in April and stealing customer call and text records. This payment was intended to secure the complete deletion of the stolen data. While AT&T claims that no personally identifiable information (PII) or account details were compromised, the stolen records did contain cell site IDs, which could potentially be used to determine a customer’s location.

Is Paying a Hacker a Good Idea? Almost Never.

While the specifics of the transaction remain unclear, we do know that the hacker submitted video proof of the data's permanent deletion. However, it’s crucial to recognize that numerous ways exist for hackers to create unknown copies, backups, or clones. Therefore, there’s no way to guarantee that all copies of the data have been fully destroyed.

The hacker in question is associated with the notorious group ShinyHunters. AT&T might be betting on the group's desire to maintain their reputation—essentially, an "honor among thieves" scenario. If ShinyHunters were to misuse the data, other companies might become significantly more hesitant to pay ransoms in the future.

Are AT&T Customers in the Clear? No.

Given the uncertainty surrounding the complete deletion of the data, AT&T customers must remain vigilant. Phishing and other social engineering attacks could still pose a threat. For advice on protecting yourself, refer to our earlier newsletter.

Reporting Delay and Its Implications

AT&T received a special exemption to delay reporting this incident while the FBI conducted an investigation. Although investigations are essential, so is the safety of consumers. Such delays can increase the risk for AT&T customers. Was this the right move by AT&T and the FBI? Only time will tell. Notably, the FBI has been actively dismantling ransomware and phishing gangs, which might indicate a broader strategy by U.S. law enforcement.

From the Desk

I'm betting this is going to be the last "major" announcement we hear about this breach. I'll continue to monitor and issue other updates via Behind the Breach if necessary. It's very likely this will fade into the background as other breaches come to light and the focus shifts.

I'm already working on the next edition of Behind the Breach, where I'll break down very pragmatic and practical steps to help prevent attack scenarios exactly like this.

Until then...

Stay safe and stay vigilant!

Patrick Wright | CISO | Cyber Executive

Co-Founder | STP Ventures, LLC


