11
you are viewing a single comment's thread
view the rest of the comments
[-] ptz@dubvee.org 7 points 8 months ago

BleepingComputer asked AT&T if it was possible the data came from a third-party service provider or vendor but has not received a response at this time.

That was my thought: AT&T didn't get breached and leak the customer data of 71 million themselves. They merely sold that data to a third party who got breached and leaked the customer data of 71 million people.

[-] swayevenly@lemm.ee 3 points 8 months ago

So this was pretty old and customers got notified by AT&T that it was a 3rd party vendor they were selling data to.

[-] coffeeClean@infosec.pub 1 points 8 months ago

Okay, so it’s either:

  • incompetence (getting breached); or
  • malice (selling your data)

They might have been better off claiming incompetence. OTOH, we already know AT&T is malicious from project Fairview, so perhaps in the end it’s better for PR to just stay in the malicious lane and not be regarded as both malicious and incompetent.

this post was submitted on 19 Mar 2024
11 points (82.4% liked)

cybersecurity

3306 readers
114 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS