AT&T notifies regulators after customer data breach

erek

erek

[H]F Junkie
Joined
Dec 19, 2005
Messages
10,918
“The leaked data also included encrypted account passcodes, which allow access to customer accounts.

Soon after the full dataset was published, a security researcher notified TechCrunch that the encrypted passcodes found in the leaked data were easy to decipher. AT&T reset those account passcodes after TechCrunch alerted AT&T on March 26 to the risk posed to customers. TechCrunch held its story until AT&T could complete the process of resetting affected customer passcodes.


AT&T eventually acknowledged that the leaked data belongs to its customers, including about 65 million former customers.

Companies experiencing data breaches that affect large numbers of people are required to disclose the incident with U.S. attorneys general under state data breach notification laws. In its notices filed in Maine and California, AT&T said it is offering identity theft and credit monitoring to affected customers.

AT&T has still not identified the source of the leak.”

Source: https://techcrunch.com/2024/04/10/att-notifies-regulators-after-customer-data-breach/
 
And again nothing really will be done about it, no punishment, just an 'OOPS'. Is this even news anymore? Happens so often i feel like its just how businesses operate now, there just is always some level of customer data leaking out all the time.
 
Source of the leak was probably a call center, they move them around so regularly as contracts expire chasing the better deal that either a former location said FU I’m gonna sell your data, or a new one that was aggressively priced didn’t have the security it needs (because that costs money) and was leaking like a sieve.
 
and of course these institutions are in no way held accountable for this. If someone grafittis my house, ie not my fault, the city will absolutely start fining me for blight but identities being stolen, huge inconveniences for people, possible loss of money, nah not our problem but here's 12 months of free credit monitoring.

Fyi I say this as someone not a customer of AT&T
 
sfsuphysics said:
and of course these institutions are in no way held accountable for this. If someone grafittis my house, ie not my fault, the city will absolutely start fining me for blight but identities being stolen, huge inconveniences for people, possible loss of money, nah not our problem but here's 12 months of free credit monitoring.

Fyi I say this as someone not a customer of AT&T
Click to expand...
The consequences for neglecting customer data and allowing it to be stolen should be so high and scary that no company ever wants to keep any internet accessible record ever. I know i shouldnt be attacking the people that had it stolen from them, but maybe not every single f***ing company should keep all our data? Now gas pumps want me to have an account. I just want to buy a donut, a coffee and fill up my tank, you don't need a complete history for this.

If you do need info to help protect against fraudulent accounts, slow the process down and require it to be manually checked in an offline records search.

I want a company to be terrified when they lose data on people. Not 'well just set up a credit check service for them and well lets raise their rates in 6months to cover it".

*angrily hulk smashes his rocking chair into the porch. Sits down because im tired and now my back hurts*
 
I got my email (n)

Oh yay, they are offering free credit monitoring and support if your identity is stolen. LAME!
 
You must log in or register to reply here.
Back
Top