Login
AT&T Spends $370,000 to Stop Hacker Data Release
Bite-Sized Cybersecurity Blog
Blog
July 24, 2024
AT&T Spends $370,000 to Stop Hacker Data Release

AT&T has just announced that it suffered a huge data breach exposing the phone call and text message logs of about 110 million people. The database in use was hosted on Snowflake, a cloud computing data warehousing firm. That’s according to a spokesperson for the US mobile network, who was speaking to TechCrunch. The incident was made public on April 19, 2024, after AT&T learned that a threat actor posted its claim to have stolen the records. The company then immediately activated its response procedures for such incidents and sought assistance from independent cybersecurity experts in the assessment and mitigation process. In the aftermath of the discovery, AT&T also notified law enforcement agencies, which further allowed the company to withhold public disclosure of the breach for May 9, 2024, and further June 5, 2024, so that proper investigation could be carried out.

It has been known that AT&T paid a 5.7 bitcoin ransom worth about $370,000 at the time in order to prevent the leaked information from the data theft. The ShinyHunters are also responsible for other well-publicized breaches. The hacker from ShinyHunters, whose identity is known by the pseudonym John Erin Binns, contacted Wired to verify the aforementioned claim of having sold the data. As per the report by Wired, the hacker had shared a screenshot as proof of the transaction. The account number for the cryptocurrency wallet he provided had indeed received the payment. He also shared a video, attesting to the actual deletion of the information.

That hacker’s name is John Erin Binns, an American residing in Turkey. Binns, who claimed responsibility for the AT&T hack, previously accessed call and text logs from a compromised Snowflake cloud storage account. Binns reached out to AT&T about the breach in mid-April. Although AT&T then paid him to secure the stolen data, the whole incident has raised some serious vulnerabilities in cloud storage, especially with Snowflake accounts.

AT&T’s data breach is part of a bigger attack scheme run by ShinyHunters. Over 150 companies have reportedly faced the impact of data theft from insecure Snowflake accounts in the past two months of April and May. This only further indicates how much cloud protection should be in place to ward off unauthorized access for sensitive information that is stored. Apparently, Binns was previously arrested in Turkey back in May over his involvement in the massive data breach at T-Mobile last year. On this occasion, after the arrest of Binns, it was another member of the group ShinyHunters who received the ransom payment.

Related Posts

Bite-Sized Offensive Cybersecurity Newsletter

We value your time and deliver only the most interesting and impactful updates straight to your inbox. No spam. Unsubscribe anytime.

Join over 10,000 people who have already subscribed.

Newsletter