AT&T Reportedly Pays Hacker About $400K To Wipe Stolen Data, Security Expert Says It Was 'Drop In The Ocean' For The Company: Here's Why

Telecom giant AT&T Inc. T allegedly paid a hacker around $400,000 to delete sensitive data they are said to have stolen.

What Happened: A hacker who allegedly accessed sensitive call and text logs from AT&T said they received about $400,000 to delete the data cache, reported Bloomberg.

A Bitcoin wallet address provided by the hacker showed a transaction in mid-May that corresponds with an extortion payment. A source familiar with the ransomware negotiations confirmed the payment from AT&T to the hacker.

The hacker reportedly provided a video showing them deleting the data to demonstrate that they had fulfilled their agreement with AT&T. However, the authenticity of the video is still uncertain.

See Also: Meta Removes ‘Heightened Penalties’ On Donald Trump’s Accounts A Day After Ex-President Threatens To Put Mark Zuckerberg In Jail

The alleged hack could have exposed call and text logs from nearly all AT&T wireless customers over six months in 2022.

AT&T did not immediately respond to Benzinga’s request for comments.

Blockchain analysis company, Chainalysis Inc., examined the record of payment provided by the hacker and found it to be an extortion payment. The company could not determine if AT&T made the initial Bitcoin payment.

Subscribe to the Benzinga Tech Trends newsletter to get all the latest tech developments delivered to your inbox.

Why It Matters: The reported payment is relatively modest compared to ransom demands and payments seen in other recent high-profile data breaches.

“For a big company like AT&T, $380,000 is a drop in the ocean,” said Jon DiMaggio, chief security strategist at Analyst1, adding that the relatively small ransom payment could be attributed to the absence of financial records accessed during the breach.

This incident is not the first time AT&T has faced cybersecurity issues. In April, AT&T disclosed a significant data breach dating back to 2021, which resulted in the exposure of sensitive information of 73 million users. The leaked data, included Social Security numbers, email addresses, phone numbers, and dates of birth.

In another incident in April 2023, hackers targeted users with AT&T email addresses, gaining access to cryptocurrency exchanges and stealing victims' digital assets.

Check out more of Benzinga's Consumer Tech coverage by following this link.

Read Next: 

Disclaimer: This content was partially produced with the help of Benzinga Neuro and was reviewed and published by Benzinga editors.

Photo by Mike Mozart via Flickr

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!