What the Tech: AT&T data breach leaked 70K customer’s information
AUGUSTA, Ga. (WRDW/WAGT) - The recent data leak at AT&T is just the latest incident where the private information of millions of consumers was compromised and is now in the hands of cybercriminals.
AT&T on Monday confirmed the data leak of over 70,000 current and former AT&T customers.
The data includes Social Security Numbers and other personal information. Web security consultant Troy Hunt, who also runs the website www.haveibeenpwned, said this data leak is worse than many others due to the wealth of information included.
“Social security numbers are a big part of identity verification,” Hunt said. “Then we’ve got names, phone numbers, physical addresses. That’s really all of the building blocks for theft, unfortunately”.
AT&T confirmed in a release Monday that the data has been released on the dark web but Hunt says, it’s much more accessible than that.
“We’re seeing headlines that it’s on the dark web. It’s not the dark web. It’s the clear web. It is somewhere you go on your normal browser. There will be thousands if not tens of thousands of people who now have all of this data,” Hunt explained.
Armed with all that information, a cybercriminal would be well on their way to stealing the victims’ identities. And there’s not much victims can do about it now.
“We cannot go and change our date of birth,” Hunt said. “Changing a social security number is an absolute nightmare, that’s not going to happen for 70 million people. So we have to work on the fact that the data is out there and we’re never going to be able to get it back.”
One problem, Hunt says, is that most people don’t take steps to protect their data until they become a victim. And it’s safe to say everyone online has been in a data leak.
We just don’t know it. So taking steps now is critical. Hunt himself said his email address has been included in some 30 data leaks.
“I live this stuff and I can’t stop myself from being in data breaches. The only thing I can do is minimize the impact when I am.”
What can that be? Hunt says identity theft and fraud protection services that alert people when there’s a credit inquiry on their name, is a good step toward protecting your privacy. These are about $100 a year.
“But I’m also conscious that this is not a panacea,” cautions Hunt. “This is not going to necessarily notify me when someone has my name and and they’re trying to to my email .”
To protect s that use email addresses and s to access Hunt, and other cybersecurity experts strongly recommend using strong and unique s for individual s, turning on multi-factor authentication, and a manager.
Copyright 2024 WRDW/WAGT. All rights reserved.
