Science and TechData Privacy and Cybersecurity

Actions

Hacker group claims AT&T paid them $300K in ransom for stolen customer data

Scripps News has not independently confirmed this information, and AT&T said it does not have a statement to share on the matter.
AT&T Headquarters in Dallas
Posted
and last updated

The hacker group that reportedly stole customer text and phone records from AT&T claimed the wireless company paid them $300,000 in ransom to delete the data, according to Wired.

The technology magazine said an associate of the notorious hacker group ShinyHunters, which has claimed responsibility for multiple high-profile data breaches, provided proof of a cryptocurrency exchange that occurred in May. However, Wired reported crypto-tracing experts could not identify who owned the cryptocurrency wallets that the money came from.

Scripps News has not independently confirmed this information, and AT&T said it does not have a statement to share on the matter.

The wireless network company notified federal regulators on Friday that a data breach in April included records of calls and texts of nearly all of its customers. AT&T said the stolen data did not include the content of the records or any personal information of its customers.

RELATED STORY | AT&T cybersecurity breach potentially posed 'risk to national security'

In online forums, ShinyHunters has claimed responsibility for stealing data from the third-party cloud database Snowflake, used by companies like AT&T and Ticketmaster. The threat actor recently attempted to extort the entertainment company by claiming to leak thousands of print-at-home tickets.

AT&T said that it is working with law enforcement to arrest those involved in its most recent cyberattack, adding that one person has been apprehended in connection to the breach.

"Our top priority, as always, is our customers. We will provide notice to current and former customers whose information was involved along with resources to help protect their information,” the company told Scripps News when asked about notifying customers affected by the security breach.