Now we know why AT&T had 12 hour outage

Lame Duck · March 31, 2024

Personal data belonging to 73 million current or former AT&T customers has been leaked online.

Information including addresses, social security numbers and passcodes was published on the dark web, the US telecoms giant said.

https://www.yahoo.com/news/t-data-breach-millions-customers-233201619.html

Davidson Deac II · April 1, 2024

Its highly unlikely that the two are related in any way, other that both are ATT. That is just not the way it works.

Edited April 1, 2024 by Davidson Deac II

Davidson Deac II · April 1, 2024

If outsiders gained access to a company's network, the last thing they would want to do is cause an outage that brings attention to them. Such a hack would be subtle, and likely discovered after the fact.

The vast majority of major outages are caused by software/code upgrades that were improperly vetted, or engineers making a mistake. Sometimes denial of service attacks are a big problem as well. Data breaches rarely if ever are accompanied by an outage.

Lame Duck · April 1, 2024

1 hour ago, Davidson Deac II said:

If outsiders gained access to a company's network, the last thing they would want to do is cause an outage that brings attention to them. Such a hack would be subtle, and likely discovered after the fact.

The vast majority of major outages are caused by software/code upgrades that were improperly vetted, or engineers making a mistake. Sometimes denial of service attacks are a big problem as well. Data breaches rarely if ever are accompanied by an outage.

You do not think AT&T took the system down when they realized they are being hacked and likely realized what was stolen so they did not go back online until the patch was installed?

Davidson Deac II · April 1, 2024

2 hours ago, Lame Duck said:

You do not think AT&T took the system down when they realized they are being hacked and likely realized what was stolen so they did not go back online until the patch was installed?

I have been working in that area of IT for a long time, and it's highly highly unlikely. Personal information storage and the active network for phones are two completely different systems. Just a rough guess here, but when your phone connects to a network, the data stored on your phone (the phone chip number) is communicated to authentication servers and they confirm that phone has the right to use the ATT network. The communication doesn't necessarily contain personal data like email and such.

The breech is more along the lines of email, phone number and address that they have on file for bill pay and statement information, or when you log in via app to pay your bill. And the big issue is social security numbers. This is more along the lines of when you log into your account thru your phone or laptop to pay your bill or check the status of an order. This is not about the phone connecting to and using the ATT cell tower.

Most likely, they discovered the breech after the fact and then had to implement new security protocols, patches, and updates to prevent new breeches.

Lame Duck · April 1, 2024

58 minutes ago, Davidson Deac II said:

I have been working in that area of IT for a long time, and it's highly highly unlikely. Personal information storage and the active network for phones are two completely different systems. Just a rough guess here, but when your phone connects to a network, the data stored on your phone (the phone chip number) is communicated to authentication servers and they confirm that phone has the right to use the ATT network. The communication doesn't necessarily contain personal data like email and such.

The breech is more along the lines of email, phone number and address that they have on file for bill pay and statement information, or when you log in via app to pay your bill. And the big issue is social security numbers. This is more along the lines of when you log into your account thru your phone or laptop to pay your bill or check the status of an order. This is not about the phone connecting to and using the ATT cell tower.

Most likely, they discovered the breech after the fact and then had to implement new security protocols, patches, and updates to prevent new breeches.

They stole everything from AT&T… from names, addresses, social, birthdays to even PIN numbers. I mean, they sucked everything out. Whenever you discover you are being hacked but not sure of the source, you just shut everything down and trying to figure out in safe mode/offline where breach happened and patch it up before going back online. That’s why I’m thinking the systems went down was no coincidence. Rule of thumb, dark web gets all the info right away and hack communicated within few weeks of attack. Falls in line with an outage. I have been hacked before. My immediate response was to take everything offline and close the door before going back on as I wasn’t sure where hack was coming front.

Davidson Deac II · April 2, 2024

2 hours ago, Lame Duck said:

They stole everything from AT&T… from names, addresses, social, birthdays to even PIN numbers. I mean, they sucked everything out. Whenever you discover you are being hacked but not sure of the source, you just shut everything down and trying to figure out in safe mode/offline where breach happened and patch it up before going back online. That’s why I’m thinking the systems went down was no coincidence. Rule of thumb, dark web gets all the info right away and hack communicated within few weeks of attack. Falls in line with an outage. I have been hacked before. My immediate response was to take everything offline and close the door before going back on as I wasn’t sure where hack was coming front.

No, you don't. That is just not the way it works. You secure the network if there is an active breech, but this had been going on since 2019.

Edited April 2, 2024 by Davidson Deac II

Paa Langfart · April 3, 2024

On 4/1/2024 at 7:57 PM, Lame Duck said:

they sucked everything out

nice

Davidson Deac II · April 4, 2024

There have been so many data breaches, that I just assume all of my information is out there and just keep an eye on my accounts. Can't do much else.

Edited April 4, 2024 by Davidson Deac II

Lame Duck · April 4, 2024

I was just informed my info is on dark web from AT&T hack. I had AT&T uverse many many years ago.

PanthersATL · April 4, 2024

On 4/1/2024 at 7:57 PM, Lame Duck said:

They stole everything from AT&T… from names, addresses, social, birthdays to even PIN numbers. I mean, they sucked everything out. Whenever you discover you are being hacked but not sure of the source, you just shut everything down and trying to figure out in safe mode/offline where breach happened and patch it up before going back online. That’s why I’m thinking the systems went down was no coincidence. Rule of thumb, dark web gets all the info right away and hack communicated within few weeks of attack. Falls in line with an outage. I have been hacked before. My immediate response was to take everything offline and close the door before going back on as I wasn’t sure where hack was coming front.

that's not how systems or post-hack-discovery works.

As the previous caller mentioned, there's separation of billing/backend systems vs systems that allow phone calls to be made.

PanthersATL · April 4, 2024

23 minutes ago, Lame Duck said:

Yea, at some point that info will be released to public of how the data leak took place. AT&T is going to get hammered by the regulators. They are repeat offender too.

They're not alone - same has happened to many many other companies. I wouldn't bother focusing on the AT&T situation when time is better spent hardening your own security access sets across the board.

A data leak (from any company) will happen again. Best you can do is have a good plan in place for when it does.

Lame Duck · April 4, 2024

7 minutes ago, PanthersATL said:

that's not how systems or post-hack-discovery works.

As the previous caller mentioned, there's separation of billing/backend systems vs systems that allow phone calls to be made.

It was not just phone call system. The entire AT&T was down.

PanthersATL · April 4, 2024

2 hours ago, Lame Duck said:

I was just informed my info is on dark web from AT&T hack. I had AT&T uverse many many years ago.

If you think the AT&T hack is what put your info online for miscreants and rapscallions to utilize, you're mistaken. It's just another in an ongoing series.

Check https://haveibeenpwned.com/ for all the other places your online data may have leaked from.

The best defense is a good offense:

Use 2FA wherever possible. And not SMS messaging if you have options for Authenticator apps or other 2FA solutions. SMS is not secure (but it's better than nothing)
Turn on any security feature that can notify you of account changes
Have a unique password for every account
- Minimum of 20 characters, and a mixture of upper/lowercase letters, numbers, and symbols
- Use a password manager to manage all your passwords. Doesn't matter which one - 1Password, BitWarden, LastPass.... there are others. (disclaimer: some critics are not recommending LastPass due to its own one-off issues, but experts have dismissed those a bit for various reasons)
Put a freeze on all three of your credit reports (it's free!). This would/should keep your credit from being utilized fraudulently without your involvement/awareness

Sign In

Welcome!

Now we know why AT&T had 12 hour outage

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Topics

Posts