AT&T Data Breach Exposes 50 Billion Records: Hackers Identified, Ransom Paid

Zinger Key Points
  • Several other Snowflake customers, including Santander Bank and Ticketmaster, experienced similar breaches.
  • Hackers accessed AT&T's data via Snowflake, extorted $2.5 million in bitcoin ransom payments.

U.S. prosecutors identified two hackers behind a massive AT&T Inc T data breach.

What Happened: The alleged hackers, Connor Moucka and John Binns, reportedly gained unauthorized access to AT&T’s data systems hosted on cloud data platform Snowflake Inc SNOW.

Around 50 billion customer call and text records were stolen, TechCrunch reports.

See Also: Trump, Vance’s Phone Data Reportedly Compromised By Chinese Cyber Group

The Department of Justice filed the indictment on Sunday, revealing the full scale of the data compromise.

Although the document refers to “Victim-2,” a major U.S. telecommunications company, the timeline and details align closely with AT&T’s disclosures made in April. According to AT&T’s statements, the breach exposed records such as call logs and text metadata.

Why It Matters: Prosecutors claim that Moucka and Binns successfully extorted at least three victims, demanding Bitcoin ransom payments worth approximately $2.5 million.

The hackers allegedly targeted the compromised data over a year-long campaign in November 2023, when they demanded ransom from multiple companies.

Several other Snowflake customers, including Santander Bank and Ticketmaster, experienced similar breaches.

Hackers infiltrated these companies’ Snowflake-hosted data, extracting susceptible personal and corporate information. Reports indicate that the stolen data encompassed social security numbers, driver’s licenses, and banking information.

Moucka was apprehended in Canada last week. Binns had previously been detained in Turkey. Their arrest comes after months of investigation into a string of cyberattacks affecting U.S. companies through Snowflake’s data platform.

In the aftermath, AT&T reportedly paid a ransom of $370,000 to secure the deletion of stolen records. In August, Snowflake CEO Sridhar Ramaswamy stated that Snowflake’s core business remains unaffected by the recent cyberattack despite a dip in stock prices. Ramaswamy clarified the breach stemmed from weak customer security measures, not flaws in Snowflake’s platform, impacting clients like AT&T and Live Nation.

Price Action: AT&T gained over 28% year-to-date. The stock closed lower by 0.72% at $22.15 on Tuesday. Snowflake closed higher by 1.59%.

Now Read:

Image: Shutterstock

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: NewsMediaAI GeneratedBriefsCybersecurityStories That Matter
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!