Telecommunications company AT&T has denied claims that the personal data of 70 million of its customers were stolen by threat actor ShinyHunters. 

Earlier this month, threat actor ShinyHunters, shared a small sample of the data they allegedly stole from AT&T on an underground hacking forum. 

Researchers at RestorePrivacy analysed the data and explained that “it appears to be authentic based on available public records. Additionally, the user who posted it has a history of major data breaches and exploits.”

ShinyHunters have previously exploited Microsoft, Pixlr, Mashable, Dave, Tokopedia, and Havenly among others. 

“While we cannot yet confirm the data is from AT&T customers, everything we examined appears to be valid,” the researchers added. 

It is believed that ShinyHunters accessed customer data including names, email addresses, phone numbers, addresses, Social Security numbers, and birth dates. 

ShinyHunters informed RestorePrivacy that the stolen data related to AT&T customers located in the United States. 

In a blog post, AT&T has denied the breach, stating: “Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems.”


PrivSec Global is back for another 2 information-packed days, featuring a series of brand new topics and themes.