this post was submitted on 19 Mar 2024
11 points (82.4% liked)

cybersecurity

3238 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
top 4 comments
sorted by: hot top controversial new old
[–] ptz@dubvee.org 7 points 7 months ago (1 children)

BleepingComputer asked AT&T if it was possible the data came from a third-party service provider or vendor but has not received a response at this time.

That was my thought: AT&T didn't get breached and leak the customer data of 71 million themselves. They merely sold that data to a third party who got breached and leaked the customer data of 71 million people.

[–] swayevenly@lemm.ee 3 points 7 months ago (1 children)

So this was pretty old and customers got notified by AT&T that it was a 3rd party vendor they were selling data to.

[–] coffeeClean@infosec.pub 1 points 7 months ago

Okay, so it’s either:

  • incompetence (getting breached); or
  • malice (selling your data)

They might have been better off claiming incompetence. OTOH, we already know AT&T is malicious from project Fairview, so perhaps in the end it’s better for PR to just stay in the malicious lane and not be regarded as both malicious and incompetent.

[–] coffeeClean@infosec.pub 1 points 7 months ago

bleepingcomputer·com ← cloudflare site. Should be prefixed with web.archive.org/web/ or cautioned.