A hacking group with access to AT&T’s internal network reportedly took up to $20 million in cryptocurrency from consumers’ wallets.
According to TechCrunch, cybercriminals infiltrated AT&T’s employee portal, which allowed them to generate their own mail keys — the credentials that enable anyone with an AT&T email address to access their accounts without a password.
Once an assailant possesses a mail key, they are able to alter users’ crypto exchange passwords and reset their registration information. From there, they can flow currency from their victims.
The source claimed the hackers seized between $15 million and $20 million in cryptocurrency. TechCrunch was unable to confirm the quantity of misappropriated cryptocurrency, and AT&T has not disclosed the number of victims.
Several clients have come forward to corroborate the attacks. One victim claimed to have lost $134,000 from his Coinbase account, while another said, “This has occurred repeatedly since November 2022 — probably ten times at this point.”
Extremely aggravating, as it is evident that the ‘hackers’ have direct access to the database or folders containing these customer Outlook credentials.
Customers with att.net, sbcglobal.net, bellsouth.net, and other AT&T email addresses are considered vulnerable.
In spite of the anonymous source’s assertions, customer concerns, and even Telegram discussions in which the hackers claim to have access to the “entire AT&T employee database,” the corporation remains sure that no attackers have compromised its internal systems.
In fact, an AT&T spokesperson stated, “No system was breached for this exploit. The evil actors accessed an API.”
The spokesperson added that the organization has updated its security and “proactively required a password reset on some email accounts.” This appears to have eradicated any secure email keys that had been generated.
Also Read: Franklin Templeton Connects A 270 Million Dollar Fund To The Polygon Network
Wallets