AT&T paid hacker that attacked them for data deletion
AT&T may have just done what the Reddit community calls the dumbest move ever. To protect the breached data of its users, as announced earlier this month, they have paid around $300,000 in bitcoin to a hacker involved. The hacker is part of a notorious group known as ShinyHunters.
It happened back in May, although there was no word of it until now. It’s not surprising considering the shady nature of the transaction. The hacker spoke to Wired about it and claimed that he was asked to provide video evidence of the breached data being wiped — and yes, he did. He also provided the cryptocurrency wallet addresses, and Wired verified a 5.7 bitcoin payment on May 17.
Chris Janczewski from TRM Labs confirmed the payment of 5.72 bitcoin ($373,646) and noted the money was laundered through various exchanges and wallets, with no indication of who controls them. A security researcher named Reddington also confirmed a payment. He was the middleman between the hacker and AT&T, and said AT&T paid him. The hacker first asked for $1 million but settled for a third of that. Reddington showed WIRED the proof.
AT&T hasn’t responded to Wired’s request for comment. But Reddington does believe that they’ve scaled through the worst of it. He trusts that the entire AT&T dataset the hackers allegedly stole was deleted because they stored the data on a cloud server they could both access, and the hacker deleted it from that server.
However, previous reports indicate that the accounts don’t have multi-factor authentication. So the hackers must’ve gotten usernames, passwords, and in some cases, authorization tokens, allowing them to reach storage accounts of companies like Ticketmaster, Santander, and LendingTree.
As expected, many people doubt the hacker actually deleted the data while others say AT&T has encouraged future attacks. Both concerns are valid. Why would the hacker give up all that data just like that? It’s possible that they are copies already circulating the dark web.
One Reddit commenter believes that there’s more to the story than anyone is letting on. They strongly feel that AT&T doesn’t really care about their employees or customers, except when it affects their money or reputation. They suspect that the company might be hiding or protecting information about important people, maybe politicians or millionaires, hence the reason they’ve gone to such lengths to protect the breached data.
