Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Broadcasting & Cable
Broadcasting & Cable
Business
Jack Reid

AT&T Reportedly Paid Almost $400,000 in Ransom to Hackers to Delete Private Customer Data

The logo of AT&T outside of AT&T corporate headquarters on March 13, 2020 in Dallas, Texas.

AT&T paid a hacker group about $400,000 to delete customer data that was stolen in a widespread leak earlier this year, according to Bloomberg.

The Dallas telecom reportedly negotiated a roughly $380,000 payment through an intermediary called Reddington, which acted on behalf of the ShinyHunters hacking group.

AT&T disclosed Friday that hackers had leaked private information from “nearly all” of its customers through a third-party cloud service called Snowflake, which AT&T uses to store data.

The breach is one of several compromises associated with the software provider Snowflake, as the company confirmed Friday that the AT&T hack was connected to other incidents with Live Nation Inc.’s Ticketmaster and online loan marketplace LendingTree.

Bloomberg called it one of the worst security breaches of a U.S. telecom company in history.

According to Wired, AT&T has received a video to prove that the hackers have deleted all customer data.

AT&T has yet to confirm whether it received the video, but said that it “does not believe that the data is publicly available.”

The reported payout is relatively low compared to recent ransom payments made by other high-profile companies including UnitedHealthcare, which made a $22 million ransom payment in February, according to Bloomberg.

“For a big company like AT&T, $380,000 is a drop in the ocean,” Jon DiMaggio, chief security strategist at Analyst1, told Bloomberg.

ShinyHunters reportedly demanded an initial ransom of $1 million, but AT&T was able to talk the group down to a lower price, which it paid on May 17th in Bitcoin, Wired said.

The stolen data included telephone numbers and cell site IDs, information that could potentially be used to locate and identify customers.

However, AT&T says other sensitive data such as the content of texts, social security numbers and private personal information were not leaked.

AT&T didn't immediately respond to our requests for comment. 

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.