AT&T hack: Carrier paid ransom for data; delayed public disclosure at request of FBI

More details are coming to light about the AT&T hack, which saw the personal data of around 110M customers compromised – including records of who they called and texted.

It’s reported that the carrier made a Bitcoin ransom payment in return for the hacker deleting the data, and that public disclosure of the security breach was delayed for two months in response to a request from the FBI …

The massive AT&T hack

The carrier disclosed the hack last week.

A massive AT&T data breach has seen hackers able to steal the personal data of almost every customer the company has – a total of some 110 million Americans. In an incredible security fail, the stolen data includes not only customer phone numbers, but also records of who contacted whom – a potential privacy minefield.

The carrier said the data was obtained from a third-party cloud platform, and this is now believed to be Snowflake – where data from other companies was also obtained. This includes obtaining the personal data of 560M TicketMaster customers.

Carrier paid a ransom

Wired provides evidence that AT&T paid a ransom to the hacker in return for them deleting the data. The hacker originally demanded $1M in Bitcoin, and the amount finally paid was the equivalent of $373k.