dslreports logo
site
spacer

spacer
 
   
spc
story category
AT&T Systems Hacked
19,000 customer data records exposed
by fiberguy 09:00AM Wednesday Aug 30 2006
AT&T has announced that a hacker broke into their computer systems over the weekend, and accessed personal information on "fewer than 19,000 customers," reports the Detroit Free Press. The company's web-store was shut down within hours of the incident. AT&T is trying to contact affected customers, who had purchased DSL gear from the telco. They've also contacted those customers' credit card companies, and say they'll pay for customer credit monitoring.

view:
topics flat nest 

Nymostwanted
Who Cares?
Premium
join:2004-06-25
New York, NY

1 recommendation

Wednesday..

If it took them this long to find that out than they have some major security breaches.
--
Who Cares? I Don't. Neither Should You.

FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5

Re: Wednesday..

said by Nymostwanted:

If it took them this long to find that out than they have some major security breaches.
Did you miss the part in the article where they detected the problem and shut down the system WITHIN HOURS. It just didn't make the NEWS for a few days.
--
--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page

Nymostwanted
Who Cares?
Premium
join:2004-06-25
New York, NY

1 recommendation

Re: Wednesday..

Now I feel like a total idiot.. lol
Thanks for the info.
--
Who Cares? I Don't. Neither Should You.

Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL

1 recommendation

Re: Wednesday..

said by Nymostwanted:

Now I feel like a total idiot..
That's my job, thanks.

phattieg

join:2001-04-29
Winter Park, FL
hAHAHA. Why doesn't this surprise me. I mean, goodness, the NSA had to have a way to get in too, right???
--
SIPPhone/Gizmo # 17476200648 / PIMPNET Chatline / Ran by Asterisk & Slackware 10.1.

Derch
Premium
join:2004-10-16
Tulsa, OK

Let's play the number game!`

"fewer than 19,000 customers"

Which means in normal non-corporate terms, millions. AT&T is one of the largest telco's in the country... one would think they would have an endless supply of security barriers.

GemSnake
Premium
join:2000-10-19
3rd layer

Re: Let's play the number game!`

said by Derch:

"fewer than 19,000 customers"

Which means in normal non-corporate terms, millions.
Wrong! Only those who used the webstore are affected. Definitely not millions.
--
"In a fight between you and the world, bet on the world." - Franz Kafka

guitarzan
Premium
join:2004-05-04
Skytop, PA

Re: Let's play the number game!`

One would tend to think, the NSA/ATT would have tighter security measures in place, in addition to a superb perimeter defense. Which would look as if its a virtual impenetrable fortress

And the Gov. wants backdoors built into all modems and routers? Not hard to imagine the resulting mayhem and chaos, that nightmare will "open up". Which would = technology, take three steps backwards. Hackers take three steps forward.

It appears the hackers have the edge, because they can hack whatever best shot is thrown at them. I'm not a hacker fan or supporter by posting this: Its rather obvious the smartest people are not in or running for office, nor are they employed at large corporations.
--
Bass....the glue of rhythm and harmony...the heartbeat of the band.! Shaking the earth with deep,sonorous vibrations.The dark ominous thunder of an approching storm.

Fatal Vector

join:2005-11-26

Re: Let's play the number game!`


Ummm...It's CRACKERS, not hackers. There's a distinction in meanings between the words and the glib use of the word hacker all the time shows how brainwashed even the computer "elite" is by the media and government.
fiberguy
My views are my own.
Premium
join:2005-05-20
kudos:3

Re: Let's play the number game!`

said by Fatal Vector:

Ummm...It's CRACKERS, not hackers. There's a distinction in meanings between the words and the glib use of the word hacker all the time shows how brainwashed even the computer "elite" is by the media and government.
That's an old debate but who cares what they are "called".. they broke into the system.. some say they "hacked" into the network and some say cracked. In the end, circa 19k users credit card information is gone and probably on the black market in Russia already with all the rest of the data from the U.S. that gets "stolen"...

Companies like AT&T should know better. Seems these stories pop up about once a week any more.

Where is congress to crack down on some real issues that threaten our people, the ones they are supposed to represent, on a daily basis? Oh, I know.. they are more worried about who can marry who, if the flag can be burned, and all the other 'social' feel good issues that don't matter one bit.

I wonder if these people know what it's like to have to spend several yeras of your financial life getting it back in order after your personal info is stolen. The loss of use of credit or good credit. Having to pay cash for everything. Having to fend off abusive debt collectors for bills that aren't even yours. (Let's not being into account how debt collectors also like to screw with your financial data too - another conversation sometime) and if these people know what it's like to have to pay twice for your home than others, all becuase they didn't apply laws where they are most needed; to protect people's stability - which effects the economy in the end.

Yea... two guys can't marry, I feel so much better, I mean, we're a better nation because of it. But millions of people's finacial stability are destroyed all the time. I LOVE the government.

Let's review..

AT&T
AOL
SPRINT
CITI
Federal Government
Stat of Minnesota (BIG OFFENDER)
US Bank..

the list goes on... all companies that have had personal inforamtion leaked or stolen. I would be less shocked if it was ma and pop companies loosing information. My companies seem to be able to hold data secure, why can't AT&T?
--
"Wipe out the national deficit over night... Tax the stupid!" - about 50 gMail invites available. PM if you'd like one.

guitarzan
Premium
join:2004-05-04
Skytop, PA
You're right Fatal, sorry about the loose glib use of improper terminology.

LRB

@saccounty.net
I always thought the Drums were the heartbeat of a band, everyone in the band relies on them to keep rythym, timing etc..
raythompsontn

join:2001-01-11
Oliver Springs, TN
Reviews:
·Comcast
said by Derch:

"fewer than 19,000 customers"
Which is also the same as "more than 18,000 customers". It is all in how you present it.

ARGONAUT
Have a nice day.
Premium
join:2006-01-24
New Albany, IN
kudos:1

Re: Let's play the number game!`

If it was 19,001 I would be concerned.
orangelemon

join:2003-01-29
Woodinville, WA

Re: Let's play the number game!`

Fewer than 19,000 = 18,999

Sly
Premium
join:2004-02-20
Chuckey, TN
kudos:2

Re: Let's play the number game!`

Fewer than 19000 = "oh it's not that big of a problem!" /pr guys idiotic attempt at brushing this one under the rug

owlhooter
Premium,VIP
join:2002-01-19
Wylie, TX
Well if you look up the IP of sbcdslstore.com you will see that it's owned by Moduslink
OrgName: ModusLink Corporation
OrgID: MODUS-2
Address: Worldwide Corporate Headquarters

So, to say it was completely in AT&T's hands might be a bit far off. It was more of a supplier leak than a telco giant leak. Still not the best thing to happen for a companies PR though.
fiberguy
My views are my own.
Premium
join:2005-05-20
kudos:3

Re: Let's play the number game!`

said by owlhooter:

Well if you look up the IP of sbcdslstore.com you will see that it's owned by Moduslink
OrgName: ModusLink Corporation
OrgID: MODUS-2
Address: Worldwide Corporate Headquarters

So, to say it was completely in AT&T's hands might be a bit far off. It was more of a supplier leak than a telco giant leak. Still not the best thing to happen for a companies PR though.
Doesn't matter. AT&T has made the relationship between that other company, they need to make sure that the 3rd party is handling the data correctly. To the customer, they see AT&T, not ModusLink Corp. I, as an AT&T customer, could give a ratt's as*s less who the 3rd aprty is.. MY vendor is AT&T.

When comcast hired a contractor to handle some isntallation work and the guy beat a woman, everyone went after Comcast, as they should. Same thing here. I don't care who the contractor is, the buck stops with the company you pay/hire.. in this case, people hired AT&T to handle their communications needs and that's where the buck stops.
--
"Wipe out the national deficit over night... Tax the stupid!" - about 50 gMail invites available. PM if you'd like one.

owlhooter
Premium,VIP
join:2002-01-19
Wylie, TX

1 recommendation

Re: Let's play the number game!`

I don't disagree with you. Obviously AT&T is taking the blame for it and trying to make good with the people that were affected. I was just pointing out that it wasn't like the DSL customer database was cracked, it's just the third party vendors site that was cracked. Still it is AT&T's customers that are affected and I wouldn't think of anyone else for the customer to blame than AT&T. Just wanted people to realize the scope of people affected isn't as large as it would have been had an actual AT&T database been cracked.

reasearchit

@verizon.net
With a little bit of research (obtaining IP from sbcdslstore.com and looking it up in ARIN) you can see that the IP belongs to
OrgName: ModusLink Corporation
OrgID: MODUS-2
Address: Worldwide Corporate Headquarters
Address: 1100 Winter Street
Address: Suite 4600
City: Waltham
StateProv: MA
PostalCode: 02451
Country: US

Which is a separate company that provides the equipment to AT&T. So in essence, it wasn't an AT&T breach, it was a supplier breach.

RadioDoc
Premium,ExMod 2000-03
join:2000-05-11
La Grange, IL
kudos:2

2 edits

1 recommendation

Curiously...

...this story was posted by a known Comcast employee.

We had a little discussion in the ATT-Midwest forum about this yesterday. Nobody seemed to be overly concerned especially since they (ATT) detected the intrusion, shut down the affected server(s) immediately, are notifying all affected customers and are paying for credit monitoring to minimize the damage.

Show me another instance where a company actually was proactive about such a system intrusion? Some banks don't even respond that well.

I know it's almost impossible for many here to utter even one good word about any incumbent, but this time AT&T did the right thing.
--
Toolmaster of La Grange.

Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL

Re: Curiously...

Look Doc, if I don't like Ma Bell/telcos I'll complain, regardless of what does or doesn't happen. End of story.

SQiRL
Premium
join:2004-04-21
Wylie, TX

Re: Curiously...

Do you still do FTS for AT&T? or did you move on already>?
Just curious.
--
Eventus stultorum magister
Ad Nocendum Potentes Sumus

Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL

Re: Curiously...

said by SQiRL:

Do you still do FTS for AT&T? or did you move on already>?
Just curious.
I moved to Tallahassee a little over a year ago. I've been unemployed since, but am looking at doing tech support for the state starting next week. Apparently nobody wants to hire a programmer-wannabe with no experience.
--
"Padre, nobody said war was fun now bowl!" - Sherman T Potter
»www.cafepress.com/maxolasersquad
»maxolasersquad.com/
»maxolasersquad.com/network/ My DSL Network Guide
»myspace.com/mlsquad

Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL
said by SQiRL:

Do you still do FTS for AT&T? or did you move on already>?
Just curious.
Actually I jumped SBCs shipped right before they bought AT&T Wireless. Soon after SBC purchased ATT telco I moved to Tallahassee.
--
"Padre, nobody said war was fun now bowl!" - Sherman T Potter
»www.cafepress.com/maxolasersquad
»maxolasersquad.com/
»maxolasersquad.com/network/ My DSL Network Guide
»myspace.com/mlsquad
Aleck79

join:2003-07-23
College Station, TX

Re: NSA?

Looks that they didn't get any help from the NSA on super secret ways to secure their networks.

Michieru2
zzz zzz zzz
Premium
join:2005-01-28
Miami, FL

Re: NSA?

This is because they agreed to that FCC backdoor on all ISP networks.

koitsu
Premium,MVM
join:2002-07-16
Mountain View, CA
kudos:23
said by RadioDoc:

...this story was posted by a known Comcast employee.
I'm confused by this comment. Are you being implicative, and if so, of what? The fact that Comcast still exclusively -- and only -- peers with AT&T? Or the fact that AT&T Broadband is now part-of Comcast?

*confused look*
--
Making life hard for others since 1977.

Fatal Vector

join:2005-11-26

Re: Curiously...

"The fact that Comcast still exclusively -- and only -- peers with AT&T? Or the fact that AT&T Broadband is now part-of Comcast?"

Isn't thaqt nice? When you're getting ripped off by comcast it's doublessly because they have to pay Ma Bell a high price, just like the so called "alternative" phone companies.

But then, who cares as long as you get your comcastic 6 megs, right?

Seems the Ma Bell hydra has many tenticles.
fiberguy
My views are my own.
Premium
join:2005-05-20
kudos:3
So? I post stories on cocmast too.. what's the point?

If a at&t fanboy sent the story, would it have made the issue any different?

The reason it was posted, as being a former identity theft victom because of mis-handled information, I sent the story. Karl thought it was worth releasing and did.

Many of these people shut these down right away.. that's not disputed.. it's what they do after the fact to ensure it doesn't happen again.

If Comcast did it, I would be just as pissed and have posted the article if I fond it.

But, do you have any valid reason for ensuring everyone knows WHO posted the story? and does it matter? Not everything is political.
--
"Wipe out the national deficit over night... Tax the stupid!" - about 50 gMail invites available. PM if you'd like one.
cbiggers

join:2000-08-10
San Luis Obispo, CA
said by RadioDoc:

...this story was posted by a known Comcast employee.
If you don't have that "news source" on ignore, you don't know what you're missing.

phattieg

join:2001-04-29
Winter Park, FL
said by RadioDoc:

...this story was posted by a known Comcast employee.
Awww, so you think he's bashing another company huh? Well, as already pointed out, Comcast hasn't had any intrusions into their network, so please make a point, or explain it to me so I can clearly understand. I also understand the person in question was a victim of identity theft at one time. If a group of people have their info stolen from a DSL orders site, then it's a good idea to inform a community where there are internet users, just incase AT&T "misses" another important piece of info. If they (AT&T) are paying for identity protection and monitoring services, it is costing them $$$ x 19,000+. And what if someone DOES have their info stolen? Then it's even more trouble for the poor person who thought they were getting DSL, not a new credit card bill.

I guess what I'm trying to say is WHO CARES who posted it. It is TRUTH, it hurts some, others find comfort in it. I'd rather know a company had a problem, and where. Knowing this only affected web orders comforts ME because I would never order DSL on a website.
--
SIPPhone/Gizmo # 17476200648 / PIMPNET Chatline / Ran by Asterisk & Slackware 10.1.

Maxo
Your tax dollars at work.
Premium,VIP
join:2002-11-04
Tallahassee, FL
It's true that it being posted by a Comcast employee does not meen this is definitely a case of bias. It's also not the crutch of his argument, which is that people are often quick to complain about companies even in a situation (such as this) where the company did it's best to at handling a bad situation.
--
"Padre, nobody said war was fun now bowl!" - Sherman T Potter
»www.cafepress.com/maxolasersquad
»maxolasersquad.com/
»maxolasersquad.com/network/ My DSL Network Guide
»myspace.com/mlsquad

owenhome
keeper of the magic blue smoke
Premium
join:2002-07-13
Bentonville, AR

AT&T

Your world....
......delivered to the mafia.

Fatal Vector

join:2005-11-26

Re: AT&T



Yes. I'm sure your world more than any other would be of facinating interest to the media and government. Doubtlessly, they watch all you do, 5287 Smith W.

Doctor Four
My other vehicle is a TARDIS
Premium
join:2000-09-05
Dallas, TX
Actually with this data breach, it's more like:

Your world...
...delivered to identity thieves.

pick a name

@comcast.net

ATT is Lame!

Now they got your Name,Address and SS#. Next time I order anything(Ie phone or broadband) I'll use a FAKE name,social security and drivers license numbers.

••••