AT&T pays a hacker $400k to purge stolen phone records

Published July 14th, 2024 - 09:59 GMT
A visitor walks past US multinational telecommunications AT&T logo at the Mobile World Congress (MWC), the telecom industry's biggest annual gathering, in Barcelona on February 27, 2023. (Photo by Pau BARRENA / AFP)

ALBAWABA - US telecom giant AT&T reportedly paid a hacker about $370,000 to erase stolen sensitive user data and produce a video showing evidence of the deletion. The payment came to light after it was revealed on Friday that hackers had obtained call information belonging to tens of millions of its customers in a massive cyber-attack.

The hacker, who works with the infamous ShinyHunters hacker group, which has taken numerous victims' personal information via unprotected Snowflake cloud storage accounts, told WIRED that AT&T paid the ransom in May. He also provided the address of the cryptocurrency wallet that sent the money to him and the address that received it.

In an SEC filing earlier on Friday, AT&T disclosed that an internal investigation found that hackers stole six months of call and text message information of virtually every cellular network user from a third-party cloud service in April. The data includes calls and messages from May 1 to Oct. 31, 2022, and on Jan. 2, 2023.

While some experts point out that the purported ransom payment was astonishingly modest compared with other recent prominent data theft incidents, according to Bloomberg, the extent and content of the data, including certain geographical details, raise national security fears.

Chris Janczewski, head of global investigations for crypto-tracing firm TRM Labs, used the company's tracking program to verify that a transaction of 5.72 bitcoins (equal to $373,646 at the time) took place, WIRED adds, and that the funds have been laundered via multiple cryptocurrency trading platforms and wallets. However, Janczewski notes that sufficient evidence of the hacker's identity could not be found.

 
