Data Intercepted by Cybersecurity Firm Suggests It's ATT's but ATT Denies Any Recent Breach

plat

Level 29
Thread author
Top Poster
Sep 13, 2018
1,793
Milwaukee-based cybersecurity consultancy Hold Security said it intercepted a 1.6 gigabyte compressed file on a popular dark web file-sharing site. The largest item in the archive is a 3.6 gigabyte file called “dbfull,” and it contains 28.5 million records, including 22.8 million unique email addresses and 23 million unique SSNs. There are no passwords in the database.

“This information does not appear to have come from our systems,” AT&T said in a written statement. “It may be tied to a previous data incident at another company. It is unfortunate that data can continue to surface over several years on the dark web. However, customers often receive notices after such incidents, and advice for ID theft is consistent and can be found online.”


The company declined to elaborate on what they meant by “a previous data incident at another company.”

Personal note: I posted this article because after reading it, I had some gut feeling that, as an ATT customer, I'd better see if I've been pwned somehow (the article stated no passwords were among the confiscated data). Sure enough, I was. Yikes! Changed that post-haste! 🥶

 

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
> Personal note: I posted this article because after reading it, I had some gut feeling that, as an ATT customer, I'd better see if I've been pwned somehow (the article stated no passwords were among the confiscated data). Sure enough, I was. Yikes! Changed that post-haste! 🥶

Was your email also leaked?
 

plat

No! Just checked it to be sure. Thanks for the reminder, upnorth. (y):coffee:

It seemed coincidental but very fortunate that this article prompted me to check that password, which was only used for that site. It really spooked me so I reinstalled Sandboxie latest w/network restrictions hoping it would work better, and so far, it's doing great.

Oh yeah, the password was: Kingston101. Needless to say, it's a poison password now. Since I have a prepaid ATT acct., no money was siphoned off either. Phew!
 

upnorth

> It really spooked me so I reinstalled Sandboxie latest w/network restrictions hoping it would work better, and so far, it's doing great.

Glad that SB works for you, but this hack was obviously not rescued and saved by that software, and there isn't much we normal users can do in a situation like this when a service provider gets hacked, as it's out of our reach. But I get it as one of your local protection layers. That's smart!

Other than being vigilant and actively reading security news like you @plat (y), or hopefully hearing about it from one's phone operator, internet provider or personal network, community etc. The faster the better, as that at least gives one a chance to start tracing and backtracking if the same password is used elsewhere, and then also try to change it. Changing a possibly compromised password like in this case is highly recommended as it actually works.

2 of the services that @plat tested this with have already been shared on this forum, but they are too good and worth constantly being shared again.

 

plat

> then also try to change it.

Absolutely. It is possible my ATT acct. could have been raided at a later time, who knows. Whenever there's news even hinting at a breach of any of my stuff, this is the very first step to take. The article says it could take a year or more before you MIGHT even notice something and by then, it's prob. too late.

Sandboxie is for the browser side. It's like a security blankie. 🥰:coffee: Like you said, nothing one can do when it's on the corporate side. Just hope that at the very least they fess up in a timely manner. But it seems that doesn't always happen. Case in point. :mad:

 
