Att 70m Attabramsbleepingcomputer – AT&T denied that they had any data breaches, even as the dreaded name of a company known for security breaches has been bought by a Chinese firm. This is just the latest of many cyber attacks that have seriously impacted U.S. citizens and businesses, but AT&T’s response might be one of the worst.
AT&T has not only denied any attacks, but they claim that the data of 70 million users is not for sale , and that it was stolen from a hacker, who remains unknown. The hacker allegedly stole the information from an AT&T server farm in 2014. At least we can be reassured that no government is looking for how to make money off this large amount of data.
One of the main points to be considered when it comes to this type of data is that many of the users are U.S. government employees, who willingly provide their information as part of a vetting process. There were two types of affected users, business and consumer clients. The hacker tried to find out how much the data was worth by holding it for ransom, but could not generate any interest for the 70 million plus social security numbers and other identifies that were on offer at only one bitcoin per set (about $450 USD).
The United States is one of the leaders in cybersecurity, but also has one of the worst records for data breaches, with over 783 last year. However, many are misreported and under reported by companies who either don’t want to admit a breach happened or fail to report it. The U.S. ranked 3 out of 30 in data protection practices, at least according to a study by Aon Plc, and was 10th out of 55 countries on the same list. The study was conducted in 2016, so progress has been made.
The Chinese firm that purchased the data was not named, but they were still looking at the data as of January 2017. The company reportedly had some data, but could not determine if it was all there until they had purchased a portion of it to see if it fit together. Once that part was confirmed, more purchases were made and the buyer contacted AT&T to discuss how to retrieve the rest of their property.
The worst part about this is that AT&T asked for the hacker to return the data and then purchased it back. Of course, there was no ransom paid to any hackers.
Until businesses stop treating breaches as opportunities to sell more services or products, the problem will continue to grow. This is simply not fair to companies where their data is safe and secure, and they do not have to worry about a breach of their own information.
