- Attackers have access to the provider’s internal data
- There are at least three confirmed cases of funds being stolen in this manner.
- The company declined to comment on possible damage.
Apparently, the AT&T provider’s database has been hacked again. Hackers use mailboxes to recover passwords for user accounts on cryptocurrency sites, after which they empty their wallets.
Portal announced this TechCrunch citing your source. Anonymous reported that the hackers appear to have access to part of the AT&T internal network.
This allowed them to generate special mail keys, through which you can enter the account without a password. Having gained access to e-mail, attackers use it to restore data to an account on cryptocurrency resources, if any.
TechCrunch reached out to some possible victims from a list of compromised mailbox owners. At least two reported a leak of funds.
AT&T spokesman Jim Kimberly confirmed the fact of unauthorized generation of mail keys. But the company is not ready to discuss possible damage. Some users received a notification about the need to reset the password from the mailbox.
But how this will help, given that hackers still have access to the AT&T API, is unknown. One of the victims, for example, stated that attempts to hack her account have been ongoing since November 2022:
“This happens when Outlook is unable to connect to my account. Then I quickly go to the provider’s website, delete the key and create a new one. This happened at least 10 times.”
Recall that in March, hackers stole the personal data of about 9 million AT&T users. And before that, in January, a competitor of the provider T-Mobile reported about the hack.