Jump to content

  • Welcome!

    Register and log in easily with Twitter or Google accounts!

    Or simply create a new Huddle account. 

    Members receive fewer ads , access our dark theme, and the ability to join the discussion!

     

Now we know why AT&T had 12 hour outage

Lame Duck

By Lame Duck,
in Huddle Lounge

 Share

Recommended Posts

PanthersATL Veteran

PanthersATL

Posted
Posted
4 minutes ago, Lame Duck said:

It was not just phone call system.  The entire AT&T was down.

I've worked in IT. I saw the news.  I shrugged, and mentally sent well-wishes to the System Admins who were working their butts off to bring systems back online knowing that it could have been anything from a bad software update pushed to various remote systems, to a cut cable line by a construction crew, to a networking intern who was cleaning up a cable closet and didn't plug a cord back in (then panicked when trying to fix it)

Similar to Facebook being down yesterday, or when Amazon's east coast data center goes offline taking down a wide swath of the internet (which seems to be an almost weekly occurrence -- if you know, you know)

  • Beer 1
Link to comment
Share on other sites
Lame Duck Grand Master

Lame Duck

Posted
  • Author
Posted
3 minutes ago, PanthersATL said:

If you think the AT&T hack is what put your info online for miscreants and rapscallions to utilize, you're mistaken. It's just another in an ongoing series.

Check https://haveibeenpwned.com/ for all the other places your online data may have leaked from.

The best defense is a good offense:

  • Use 2FA wherever possible. And not SMS messaging if you have options for Authenticator apps or other 2FA solutions. SMS is not secure (but it's better than nothing)
  • Turn on any security feature that can notify you of account changes
  • Have a unique password for every account
    • Minimum of 20 characters, and a mixture of upper/lowercase letters, numbers, and symbols
    • Use a password manager to manage all your passwords. Doesn't matter which one - 1Password, BitWarden, LastPass.... there are others.  (disclaimer: some critics are not recommending LastPass due to its own one-off issues, but experts have dismissed those a bit for various reasons)
  • Put a freeze on all three of your credit reports (it's free!). This would/should keep your credit from being utilized fraudulently without your involvement/awareness

 

image.png.348d640d88e303a4e65b93e964f0a17b.png

I was told it’s part of AT&T data leak by my security provider.

Link to comment
Share on other sites
PanthersATL Veteran

PanthersATL

Posted
Posted
Just now, Lame Duck said:

I was told it’s part of AT&T data leak by my security provider.

AT&T is calling it a leak because its better PR than other phrasing that could have been used -- primarily because they don't have evidence that a hack took place vs it being data from themselves directly or from one of their vendors.

In either case - somehow, a dataset of 7.6m customers was shared to a publicly-accessible website -- easily discoverable via a Google search... (and subsequently copied over to the "dark web" to be used for nefarious purposes). 

The big AT&T outage took place on Feb 22. The dataset being talked about appears to be from 2019 or earlier (according to AT&T recently). The data seems to have been posted online/been available circa Mar 17.

Other reports said that it was from an alleged 2021 data breach that AT&T also denied happening, but was released online by someone else on Mar 17.

Based on the timeline of activities related to the data itself, there doesn't appear to be correlation between the Feb outage and the availability of the dataset

 

 

Link to comment
Share on other sites
Lame Duck Grand Master

Lame Duck

Posted
  • Author
Posted
2 minutes ago, PanthersATL said:

AT&T is calling it a leak because its better PR than other phrasing that could have been used -- primarily because they don't have evidence that a hack took place vs it being data from themselves directly or from one of their vendors.

In either case - somehow, a dataset of 7.6m customers was shared to a publicly-accessible website -- easily discoverable via a Google search... (and subsequently copied over to the "dark web" to be used for nefarious purposes). 

The big AT&T outage took place on Feb 22. The dataset being talked about appears to be from 2019 or earlier (according to AT&T recently). The data seems to have been posted online/been available circa Mar 17.

Other reports said that it was from an alleged 2021 data breach that AT&T also denied happening, but was released online by someone else on Mar 17.

Based on the timeline of activities related to the data itself, there doesn't appear to be correlation between the Feb outage and the availability of the dataset

 

 

Yea, at some point that info will be released to public of how the data leak took place.  AT&T is going to get hammered by the regulators.  They are repeat offender too.

Link to comment
Share on other sites
PanthersATL Veteran

PanthersATL

Posted
Posted
1 hour ago, Lame Duck said:

Yea, at some point that info will be released to public of how the data leak took place.  AT&T is going to get hammered by the regulators.  They are repeat offender too.

AT&T is not the only one this has happened to. There have been and will be data leaks from other companies.

Your time is better spent not focusing on AT&T, but on hardening your own security setups for when (not if) this happens again - whether it be AT&T or any other company with your info.

If your security provider is not giving you similar advice, then they need to improve their communication protocol and process.

(Somehow, my previous reply didn't post. This may or may not be a repeat with different words.)

Link to comment
Share on other sites
Lame Duck Grand Master

Lame Duck

Posted
  • Author
Posted (edited)
4 hours ago, PanthersATL said:

AT&T is not the only one this has happened to. There have been and will be data leaks from other companies.

Your time is better spent not focusing on AT&T, but on hardening your own security setups for when (not if) this happens again - whether it be AT&T or any other company with your info.

If your security provider is not giving you similar advice, then they need to improve their communication protocol and process.

(Somehow, my previous reply didn't post. This may or may not be a repeat with different words.)

There was so weird forum error this morning.  It said you posted something but post did not exist.  
 

My security set-up is as good as it probably gets but even all of the security in the world I still go hacked few months ago.  Some dude used CoD (Call of Duty) video game and got into my pc and changed my background.  Neither Norton nor Malewarebytes did anything.  

Edited by Lame Duck
Link to comment
Share on other sites
PanthersATL Veteran

PanthersATL

Posted
Posted (edited)
17 hours ago, Lame Duck said:

Some dude used CoD (Call of Duty) video game and got into my pc and changed my background.  Neither Norton nor Malewarebytes did anything.  

Norton nor Malwarebytes would not do anything in this case, as the gaming software requires certain ports/features to be accessible for it to function. By playing COD, you need to bypass certain protection features of local-installed firewall software

This reddit thread has a few kernels of truth scattered throughout the random rumor/fearmongering comments regarding how COD players on PC have gotten hacked. Don't take every comment at face value, but there's enough evidence to support the overall premise.

 

Edited by PanthersATL
Link to comment
Share on other sites
PanthersATL Veteran

PanthersATL

Posted
Posted
17 hours ago, Lame Duck said:

There was so weird forum error this morning.  It said you posted something but post did not exist.   

There was a weird Cloudflare error at that moment in time. Likely the source/server hiccupped when Cloudflare was trying to access the new posted update. No biggie, hence the repost.

  • Pie 1
Link to comment
Share on other sites
Lame Duck Grand Master

Lame Duck

Posted
  • Author
Posted
23 minutes ago, PanthersATL said:

Norton nor Malwarebytes would not do anything in this case, as the gaming software requires certain ports/features to be accessible for it to function. By playing COD, you need to bypass certain protection features of local-installed firewall software

This reddit thread has a few kernels of truth scattered throughout the random rumor/fearmongering comments regarding how COD players on PC have gotten hacked. Don't take every comment at face value, but there's enough evidence to support the overall premise.

 

Yea, I quit playing PC games after that.  Not worth it.  I uninstall COD because that’s where background image was saved by the hacker and ran full check by Norton and Malewarebytes which found nothing so the guy just messed with me but I read they can do a lot more.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...