AT&T Reveals Failed Hack Attack
AT&T has revealed it was the target of an unsuccessful hack attack, with would-be data thieves attempting to force access to customer accounts through the carrier's website. No accounts were breached in the assault AT&T told certain subscribers in letters recently, eWeek reports, with less than 1-percent of the company's 101m wireless users impacted. However, it still suggests that subscribers be wary of an uptick in spam and phishing attempts "out of an abundance of caution."
"We recently detected an organized and systematic attempt to obtain information on a number of AT&T customer accounts," the carrier's letters to affected subscribers suggested, "including yours." According to AT&T, those responsible for the failed hack tried to use a script to match cellphone numbers to online accounts, in the hope that a connected pair would enable access to personal data, billing information and more.
The prompt communication from AT&T is, it's been suggested, a reaction to earlier hacking attempts which were more successful, in the hope of avoiding criticism over its security policies. Back in June 2010, hackers managed to break into AT&T's online systems and extract a list of 114,000 iPad 3G subscribers details, including government officials and well known celebrities.
The person responsible was subsequently discovered and found guilty earlier this year, facing prison and a considerable fine. It's possible that the earlier hack provided the inspiration for this latest attempt, as it too used speculative device details – in this case iPad 3G ICC-IDs – and attempted to match them with online credentials.