AT&T paid a hacker group about $400,000 to delete customer data that was stolen in a widespread leak earlier this year, according to Bloomberg.
The Dallas telecom reportedly negotiated a roughly $380,000 payment through an intermediary called Reddington, which acted on behalf of the ShinyHunters hacking group.
AT&T disclosed Friday that hackers had leaked private information from “nearly all” of its customers through a third-party cloud service called Snowflake, which AT&T uses to store data.
The breach is one of several compromises associated with the software provider Snowflake, as the company confirmed Friday that the AT&T hack was connected to other incidents with Live Nation Inc.’s Ticketmaster and online loan marketplace LendingTree.
Bloomberg called it one of the worst security breaches of a U.S. telecom company in history.
According to Wired, AT&T has received a video to prove that the hackers have deleted all customer data.
AT&T has yet to confirm whether it received the video, but said that it “does not believe that the data is publicly available.”
The reported payout is relatively low compared to recent ransom payments made by other high-profile companies including UnitedHealthcare, which made a $22 million ransom payment in February, according to Bloomberg.
“For a big company like AT&T, $380,000 is a drop in the ocean,” Jon DiMaggio, chief security strategist at Analyst1, told Bloomberg.
ShinyHunters reportedly demanded an initial ransom of $1 million, but AT&T was able to talk the group down to a lower price, which it paid on May 17th in Bitcoin, Wired said.
The stolen data included telephone numbers and cell site IDs, information that could potentially be used to locate and identify customers.
However, AT&T says other sensitive data such as the content of texts, social security numbers and private personal information were not leaked.
AT&T didn't immediately respond to our requests for comment.