AT&T resets account passcodes after millions of customer records were leaked online

Phone giant AT&T The company has reset millions of customer account passcodes after a massive amount of data containing AT&T customer records was dumped online earlier this month, TechCrunch has exclusively learned.

The US telecom giant initiated the passcode mass-reset after TechCrunch reported to AT&T on Monday that the leaked data contained encrypted passcodes that could have been used to access AT&T customer accounts.

A security researcher who analyzed the leaked data told TechCrunch that encrypted account passcodes are easy to decipher. TechCrunch alerted AT&T about the security researcher’s findings.

In a statement Saturday, AT&T said: “AT&T has launched a robust investigation supported by internal and external cybersecurity experts. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, affecting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.

“AT&T does not have evidence of unauthorized access to its systems that resulted in the exfiltration of the data set,” the statement said.

TechCrunch held off publishing this story until AT&T could begin resetting customer account passcodes. AT&T also has a post on what customers can do to keep their accounts secure.

It is the first time AT&T has acknowledged that the leaked data belonged to its customers, nearly three years after a hacker claimed to have stolen 73 million AT&T customer records. AT&T denied the breach of its systems, but the source of the leak remained inconclusive.

AT&T said Saturday that “it is not yet known whether the data in those areas came from AT&T or one of its vendors.”

In 2021, the hacker claiming the AT&T breach posted only a small sample of records, making it difficult to verify whether the data was authentic. Earlier in March, a data vendor published the entire 73 million alleged AT&T records online on a known cybercrime forum, allowing a more detailed analysis of the leaked records. AT&T customers have confirmed that their leaked account data is accurate.

The leaked data includes names, home addresses, phone numbers, dates of birth and Social Security numbers of AT&T customers.

The security researcher told TechCrunch that each record of the leaked data also included an AT&T customer’s account passcode in encrypted format. The researcher showed TechCrunch in a video call how they deciphered the data into plaintext account passcodes.

The researcher double-checked his findings by looking at records in leaked data about AT&T account passcodes that were known only to him.

This is breaking news. more to come…