AT&T hack: How much did telco pay for stolen data?
What's the story
AT&T, a leading US telecom company, has reportedly paid a hacker nearly $370,000 in cryptocurrency to erase stolen customer data after a major security breach. The breach affected tens of millions of customers and was confirmed by AT&T last Friday. According to Wired, the payment was made in May, and the hacker had to provide a video proving the data had been deleted as part of the deal.
Hacker deal
Negotiations and payment to hacker
AT&T negotiated the data deletion through an intermediary, a security researcher known as Reddington. The hacker initially demanded $1 million but settled for about a third of that amount. Reddington, who was hired by the hacker and paid by AT&T for his role in the negotiations, shared a video with Wired showing the complete deletion of the stolen dataset.
Company response
AT&T silent on alleged payment, assures data security
AT&T has yet to publicly comment on the alleged payment. The company disclosed that the stolen data included phone call and text message records from May 1, 2022, to October 31, 2022. It also included records from January 2, 2023. However, it did not contain personally identifiable information like social security numbers or dates of birth. AT&T previously assured customers that it did not believe the data was publicly available but would notify affected individuals if their information was involved.
Repeat breach
Second major breach in 2024
This is the second major breach to hit AT&T this year. In March, personal information like names and social security numbers of 7.6 million current customers and 65.4 million former ones were stolen in an attack. The company confirmed that hackers accessed the data through a third-party cloud platform where it stores customer information. AT&T is working with law enforcement to investigate the incident and is offering credit monitoring services to affected customers.