AT&T Data Breach: 9 Million Customers Affected by Marketing Vendor Hack

by | Mar 10, 2023 | News

at&t hacked data breach

Post Views: 592

Premium Content

Patreon
Subscribe to Patreon to watch this episode.
Reading Time: 3 Minutes

Data Breach

AT&T has announced that a marketing vendor was hacked in January, causing approximately 9 million wireless accounts to have their Customer Proprietary Network Information (CPNI) exposed.

AT&T has notified its customers of the breach, stating that the information exposed did not contain any sensitive personal information such as social security numbers or passwords. However, customer first names, wireless account numbers, wireless phone numbers, and email addresses were among the data exposed.

See Also: So you want to be a hacker?
Offensive Security, Bug Bounty Courses

Unauthorized access of customers CPNI data

A small percentage of impacted customers also had exposure of rate plan names, past due amounts, monthly payment amounts, various monthly charges, and/or minutes used, but the information was several years old. AT&T has notified federal law enforcement about the unauthorized access of the CPNI data, as required by the Federal Communications Commission.

Customers are advised to toggle off CPNI data sharing on their accounts to reduce exposure risks in the future if AT&T uses it for third-party vendor marketing purposes.

Trending: Primer on Broken Access Control vulnerabilities and how to find them

Trending: Offensive Security Tool: SecretOpt1c

AT&T has not yet responded on the incident

An AT&T spokesperson has yet to provide more information about what specific information was exposed in the incident and what vendor was breached for this data to be exposed.

In August 2021, AT&T denied a data breach after a notorious threat actor put up for sale a database containing what he claimed to be the personal information of 70 million AT&T customers.

Trending: Critical vulnerabilities discovered in popular Houzez theme and plugin for WordPress

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: bleepingcomputer.com

Source Link

Merch

Recent News

EXPLORE OUR STORE

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This