AT&T Pays Hacker $370,000 to Delete Stolen Customer Data

In a recent security breach, AT&T disclosed that hackers had stolen call and text records of millions of customers. To mitigate the damage, AT&T paid a hacker, part of the ShinyHunters group, over $300,000 to delete the data and provide proof of deletion. The hacker confirmed the payment and provided a video as evidence of data erasure. However, despite these efforts, some risks may persist.

The breach occurred through unsecured Snowflake cloud storage accounts. A hacker named John Erin Binns allegedly stole the data, including metadata but not the content of calls or messages. AT&T learned about the breach in April and involved a mediator, Reddington, who facilitated the negotiation and received a fee from AT&T.

AT&T disclosed the breach only after obtaining exemptions to delay notification due to potential national security concerns. Although the hacker claims the data has been deleted, there is uncertainty about whether other copies of the data still exist. The FBI and other authorities are investigating the case, with Binns reportedly arrested in Turkey for an unrelated hack.

The breach highlights vulnerabilities in cloud storage security and the potential risks associated with unauthorized data access. AT&T, along with other affected companies, must address these security gaps to prevent future incidents.