Now we know why AT&T had 12 hour outage

[PanthersATL]

4 minutes ago, Lame Duck said:

It was not just phone call system.  The entire AT&T was down.

I've worked in IT. I saw the news.  I shrugged, and mentally sent well-wishes to the System Admins who were working their butts off to bring systems back online knowing that it could have been anything from a bad software update pushed to various remote systems, to a cut cable line by a construction crew, to a networking intern who was cleaning up a cable closet and didn't plug a cord back in (then panicked when trying to fix it)

Similar to Facebook being down yesterday, or when Amazon's east coast data center goes offline taking down a wide swath of the internet (which seems to be an almost weekly occurrence -- if you know, you know)

[Lame Duck]

3 minutes ago, PanthersATL said:

If you think the AT&T hack is what put your info online for miscreants and rapscallions to utilize, you're mistaken. It's just another in an ongoing series.

Check https://haveibeenpwned.com/ for all the other places your online data may have leaked from.

The best defense is a good offense:

• Use 2FA wherever possible. And not SMS messaging if you have options for Authenticator apps or other 2FA solutions. SMS is not secure (but it's better than nothing)
• Turn on any security feature that can notify you of account changes
• Have a unique password for every account
  • Minimum of 20 characters, and a mixture of upper/lowercase letters, numbers, and symbols
  • Use a password manager to manage all your passwords. Doesn't matter which one - 1Password, BitWarden, LastPass.... there are others.  (disclaimer: some critics are not recommending LastPass due to its own one-off issues, but experts have dismissed those a bit for various reasons)
• Put a freeze on all three of your credit reports (it's free!). This would/should keep your credit from being utilized fraudulently without your involvement/awareness

 

I was told it’s part of AT&T data leak by my security provider.

[PanthersATL]

Just now, Lame Duck said:

I was told it’s part of AT&T data leak by my security provider.

AT&T is calling it a leak because its better PR than other phrasing that could have been used -- primarily because they don't have evidence that a hack took place vs it being data from themselves directly or from one of their vendors.

In either case - somehow, a dataset of 7.6m customers was shared to a publicly-accessible website -- easily discoverable via a Google search... (and subsequently copied over to the "dark web" to be used for nefarious purposes). 

The big AT&T outage took place on Feb 22. The dataset being talked about appears to be from 2019 or earlier (according to AT&T recently). The data seems to have been posted online/been available circa Mar 17.

Other reports said that it was from an alleged 2021 data breach that AT&T also denied happening, but was released online by someone else on Mar 17.

Based on the timeline of activities related to the data itself, there doesn't appear to be correlation between the Feb outage and the availability of the dataset

 

 

[Lame Duck]

2 minutes ago, PanthersATL said:

AT&T is calling it a leak because its better PR than other phrasing that could have been used -- primarily because they don't have evidence that a hack took place vs it being data from themselves directly or from one of their vendors.

In either case - somehow, a dataset of 7.6m customers was shared to a publicly-accessible website -- easily discoverable via a Google search... (and subsequently copied over to the "dark web" to be used for nefarious purposes). 

The big AT&T outage took place on Feb 22. The dataset being talked about appears to be from 2019 or earlier (according to AT&T recently). The data seems to have been posted online/been available circa Mar 17.

Other reports said that it was from an alleged 2021 data breach that AT&T also denied happening, but was released online by someone else on Mar 17.

Based on the timeline of activities related to the data itself, there doesn't appear to be correlation between the Feb outage and the availability of the dataset

 

 

Yea, at some point that info will be released to public of how the data leak took place.  AT&T is going to get hammered by the regulators.  They are repeat offender too.

[PanthersATL]

1 hour ago, Lame Duck said:

Yea, at some point that info will be released to public of how the data leak took place.  AT&T is going to get hammered by the regulators.  They are repeat offender too.

AT&T is not the only one this has happened to. There have been and will be data leaks from other companies.

Your time is better spent not focusing on AT&T, but on hardening your own security setups for when (not if) this happens again - whether it be AT&T or any other company with your info.

If your security provider is not giving you similar advice, then they need to improve their communication protocol and process.

(Somehow, my previous reply didn't post. This may or may not be a repeat with different words.)

[Davidson Deac II]

22 minutes ago, PanthersATL said:

AT&T is not the only one this has happened to. There have been and will be data leaks from other companies.

It would probably be easier to find a list of companies that haven't been compromised.  

[PanthersATL]

7 minutes ago, Davidson Deac II said:

It would probably be easier to find a list of companies that haven't been compromised.  

Responses like this are ones where I wish @Zod would add a "laugh pie" option

[Lame Duck]

4 hours ago, PanthersATL said:

AT&T is not the only one this has happened to. There have been and will be data leaks from other companies.

Your time is better spent not focusing on AT&T, but on hardening your own security setups for when (not if) this happens again - whether it be AT&T or any other company with your info.

If your security provider is not giving you similar advice, then they need to improve their communication protocol and process.

(Somehow, my previous reply didn't post. This may or may not be a repeat with different words.)

There was so weird forum error this morning.  It said you posted something but post did not exist.  
 

My security set-up is as good as it probably gets but even all of the security in the world I still go hacked few months ago.  Some dude used CoD (Call of Duty) video game and got into my pc and changed my background.  Neither Norton nor Malewarebytes did anything.  

Edited April 4 by Lame Duck

[PanthersATL]

17 hours ago, Lame Duck said:

Some dude used CoD (Call of Duty) video game and got into my pc and changed my background.  Neither Norton nor Malewarebytes did anything.  

Norton nor Malwarebytes would not do anything in this case, as the gaming software requires certain ports/features to be accessible for it to function. By playing COD, you need to bypass certain protection features of local-installed firewall software

This reddit thread has a few kernels of truth scattered throughout the random rumor/fearmongering comments regarding how COD players on PC have gotten hacked. Don't take every comment at face value, but there's enough evidence to support the overall premise.

 

Edited April 5 by PanthersATL

[PanthersATL]

17 hours ago, Lame Duck said:

There was so weird forum error this morning.  It said you posted something but post did not exist.   

There was a weird Cloudflare error at that moment in time. Likely the source/server hiccupped when Cloudflare was trying to access the new posted update. No biggie, hence the repost.

[Lame Duck]

23 minutes ago, PanthersATL said:

Norton nor Malwarebytes would not do anything in this case, as the gaming software requires certain ports/features to be accessible for it to function. By playing COD, you need to bypass certain protection features of local-installed firewall software

This reddit thread has a few kernels of truth scattered throughout the random rumor/fearmongering comments regarding how COD players on PC have gotten hacked. Don't take every comment at face value, but there's enough evidence to support the overall premise.

 

Yea, I quit playing PC games after that.  Not worth it.  I uninstall COD because that’s where background image was saved by the hacker and ran full check by Norton and Malewarebytes which found nothing so the guy just messed with me but I read they can do a lot more.