Long Past AT&T Data Breach Data Resurfaces Giving Away Sensitive Data on 71 Million Customers
AT&T customers heed this warning! At the very least, listen up if you were an AT&T customer way back in 2021, or prior to it. You see, that’s when a threat actor going by the name of ShinyHunters posted to an online forum (RaidForums) that they had acquired sensitive information on 71 million AT&T customers. They declared they were posting it up for sale at a whopping $1 million. That information not only included phone numbers, but also social security numbers and birthdates that were supposedly encrypted, but then decrypted and also included in the sale.
What can someone do with all of the information (which also included names and addresses)? As you may guess, it can all be used for text phishing; otherwise known as smishing.
A quick review of smishing…it’s when someone sends a text or SMS message, typically with a link included, that aims to gather more sensitive data from you. Often, the link may take you to a form that asks for payment information. A common smashing attack going around now claims to be from the U.S. Postal Service stating a package could not be delivered and they need payment information in order to do so. Don’t fall for it. Government agencies will not contact you in that way.
Additional phishing may come in the form of phone calls or email, so watch out for those too. Don’t click on links or attachments unless you can verify that they are legitimate. If they claim something is wrong or needs to be confirmed in your account, log in to your account directly to make sure. No need to click anything in the incoming message.
Another scam to be on the lookout for with the AT&T data that is out there is SIM Swapping. This is when someone contacts the cellular carrier and convinces them to switch your phone number to them. It happens. With all the data that was accessed in this attack, it’s not so far-fetched to believe it. If they succeed, they can get access to your one-time login codes that get sent via text for your accounts. If you get any message that your number has been moved and it wasn’t moved by you, call your carrier immediately. This applies no matter what cellular provider you use.
As for this particular case, AT&T denies, to this day, that the data belonged to them and there was no evidence they suffered from a data breach. However, all evidence does point to this or one of their third-party providers, so if you were their customer, you’ve been warned.
What Is The Price Of The Average Data Breach? Awareness Training May Be The Key To Prevention
Published March 23, 2024
The price tag for a data breach went up this year, way up. Although the global average cost per breach is now a whopping $3.86 million, the average cost for the U.S. is $8.64 million, the most expensive in the world. IBM’s “2020 Cost of a Data Breach” report sheds light on the growing financial costs of a breach, having increased by more than $2 million each over the past two years. The report also finds employees are the costly reason behind enterprise data breaches.
Phony Voicemail Links Steal Employee Credentials From Office 365 And Outlook Users
Published March 12, 2024
Most of us know phishing emails and fake texts are a hacker’s calling card for stealing valuable PII. But recently, researchers at Zscaler cloud security sounded the alarm about an unusual malware campaign using voicemail-themed email phishing as the primary hook for cyberattacks. It’s only after Zscaler fell victim to this campaign that the company felt compelled to study it further. Zscaler finds this cybercrime targets employees in the U.S. using Microsoft Office 365 and the Outlook email service.
Keeping Your Mobile Device Apps Virus Free
Published February 25, 2024
It’s no secret that cybercriminals take advantage of anxiety-filled times and the current coronavirus pandemic (COVID-19) is most certainly one of those moments. The latest cybersecurity news reports that Android smartphones are being targeted with apps claiming to have up-to-date data on COVID-19. These infected apps promise the latest updates, but to unsuspecting users who download them, they also promise malware will surely be installed on your mobile device.
Mobile Banking Apps Continue To Be A Hi Value Target For Cybercriminals
Published February 15, 2024
It’s that time of year when organizations that track cybersecurity stats and other information start to release their results. And to no one’s surprise, mobile banking has been under attack in 2021. The Nokia 2021 Threat Intelligence Report found the cybercriminals’ desire to steal your banking credentials has ramped up throughout the year by logging your keystrokes, taking screenshots, trying to snag those two-factor authentication (2FA) codes, and using overlays. There’s no lack of trying to get your confidential information…and your money.
Tips for Securing Your Mobile Devices
Published January 5, 2024
Nearly all of us these days have some type of mobile device that is essentially a part of us. It is filled with all kinds of personal information, such as our contacts, our email conversations, and perhaps even our health information. Losing it, having it accessed without permission, or finding out it’s infested with malware can be a really scary moment. Fortunately, there are some things you can do to protect those devices and the information on them.
