What just happened? Several AT&T customers recently received an email stating that hackers had accessed their Customer Network Information (CPNI). Traditional phishing vocabulary, but the alert is not a scam. Users should take steps to secure their AT&T account, including strengthening their password and submitting a CPNI restriction request.
AT&T recently alerted Customers that a cyberattack exposed some information from their accounts. No credit card details, social security numbers, passwords, or dates of birth were released, but the hack exposed some details about users’ phone plans.
Information at risk includes customer first names, email addresses, number of lines in accounts, types of devices, device upgrade eligibility, names of rate plans, amounts past due, monthly payment amounts, and minutes used. The company told Bleeping Computer that the breach affected About 9 million accounts.
The hackers targeted the January attack at an AT&T marketing vendor rather than the company itself. The provider did not identify the vendor but said the attackers exploited one of the vendor’s security vulnerabilities, which has since been patched. The company has also contacted federal law enforcement as required by law, and has reassured customers that it does not share personal account information with authorities.
Affected customers must maybe Additional password protection, such as logging in with a PIN. The PIN will protect user accounts from bad actors contacting AT&T and impersonating them using the personal information they have obtained. Customers can too to request CPNI restrictions, which restrict but do not prevent a company from marketing additional products to users.
Competitor provider T-Mobile suffer More significant attack in January. The breach affected 37 million customers, revealing names, billing addresses, email addresses, phone numbers, dates of birth, account numbers, and service plan information. However, no Social Security numbers or passwords have been leaked.
The company assumed that the attacker used an API to access the data as of last November until the company discovered its actions and stopped them on January 5th. Another hack last summer affected 77 million T-Mobile customers, after which the company settled a class action lawsuit in favor of $350 million.
The last major cybersecurity incident involving AT&T was in August 2021, when notorious threat actor ShinyHunters attempted to sell the personal information of 70 million customers. The telecom giant denied that the data cache originated from its systems, but ShinyHunters insisted it was authentic, an offer database in the amount of $200,000. Like the January hack, the information may have come from one of the company’s associates.