A database with the personal information of over 5 million Salvadorans was recently leaked in a data breach forum. The database, which has been around since August and has recently been linked to Chivo, El Salvador’s national cryptocurrency wallet, has 144GB of data, including the full name, unique identity number, date of birth, address, and […]
Source link
Telecommunications giant AT&T Inc. (NYSE:T) recently disclosed a significant data breach dating back to 2021 that resulted in the exposure of sensitive information belonging to 73 million users and is now circulating on the dark web.
The leaked data includes a wealth of personal details such as Social Security numbers, email addresses, phone numbers and dates of birth, affecting both current and former account holders. AT&T revealed that among the impacted people, 7.6 million are current account holders.
“Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set. The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable,” AT&T said in its press release about the situation.
Don’t Miss:
The hacker behind this brazen cyberattack is ShiningHacker, a notorious figure known for previous data breaches targeting platforms such as Wattpad, Tokopedia, and Microsoft Corp.’s GitHub, according to Bleeping Computer.
Initially, AT&T denied any internal data breach when a small portion of the stolen data surfaced in 2021, claiming no knowledge of leaked information from their servers or vendors.
However, subsequent investigations revealed a different story. While AT&T refuted the claims initially, ShiningHacker admitted to the breach, dismissing AT&T’s stance with the assertion, “I don’t care if they don’t admit. I’m just selling,” according to Bleeping Computer.
The hacker attempted to monetize the stolen data by offering it for sale on the RaidForums data theft forum, setting the starting price at $200,000 and accepting incremental offers of $30,000. ShiningHacker indicated a willingness to immediately sell the data for $1 million, underscoring the severity and audacity of the cybercrime.
Trending: Long overdue disruption in the moving industry is underway. Here’s how to invest in it with just $100.
Telecommunications providers have become recent targets of cyberattacks, with T-Mobile facing a breach in 2023 affecting 37 million customers, and Verizon Communications Inc. experiencing a leak impacting 63,000 customers and employees.
In December, the Federal Communications Commission (FCC) adopted a new role to ensure that “providers of telecommunications, interconnected voice over internet protocol (VoIP) and telecommunications relay services (TRS) adequately safeguard sensitive customer information.”
The same ruling expanded the definition of “breach” in this context, to include inadvertent access, use or disclosure of customer information, except in cases where such information is acquired in good faith by an employee or agent of a carrier or TRS provider and such information is not used improperly or further disclosed.
Read About Startup Investing:
“ACTIVE INVESTORS’ SECRET WEAPON” Supercharge Your Stock Market Game with the #1 “news & everything else” trading tool: Benzinga Pro – Click here to start Your 14-Day Trial Now!
Get the latest stock analysis from Benzinga?
This article 73 Million AT&T Users’ Data Leaked As Hacker Said, ‘I Don’t Care If They Don’t Admit. I’m Just Selling’ Auctioned At Starting Price Of $200K originally appeared on Benzinga.com
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Crypto integration into Xbox also has the potential to onboard millions to crypto, further propelling adoption.
Recently leaked internal documents suggest that Microsoft plans to integrate crypto wallets into its Xbox gaming console. The documents were posted on the gaming forum ResetEra and reveal that an Xbox roadmap from May 2022 featured plans to add support for crypto wallets to the next version of Microsoft’s flagship gaming console.
The documents were leaked in connection to a Federal Trade Commission’s (FTC) lawsuit against the tech giant’s proposed acquisition of Activision Blizzard for $69 billion. In a memo to Microsoft employees, the Head of Xbox, Phil Spencer confirmed the authenticity of leaked documents but added that a large portion of the documents was outdated and did not reflect the company’s position at present.
We’ve seen the conversation around old emails and documents. It is hard to see our team’s work shared in this way because so much has changed and there’s so much to be excited about right now, and in the future. We will share the real plans when we are ready.
— Phil Spencer (@XboxP3) September 19, 2023
The documents included communications between Xbox executives and outlined plans for a new disc-less Xbox Series X, a gyro controller, and a next-gen hybrid Xbox in 2028. The leak sparked excitement and conversation in the crypto industry, which remains optimistic despite Spencer’s statement.
A major technology company such as Microsoft introducing crypto to the Xbox ecosystem – which includes consoles, handheld devices, PCs, web browsers, and a “cloud console” – would create multiple opportunities for gamers, game developers, publishers and investors. It would present gamers with the chance to buy in-game items and features, digital assets, mods and possibly even games, using crypto. Gamers would also be able to seamlessly trade in-game items and digital assets without the involvement of intermediaries.
Crypto integration into Xbox also has the potential to onboard millions to crypto, further propelling adoption. It could also disrupt the traditional gaming economy by enabling gamers to purchase downloadable content and games from non-traditional distributors.
Commenting on the news, Michael Silberberg, head of investor relations at AltTabCapital, said that “in concept, digital assets and gaming have always been closely tied,” adding “Microsoft’s inclusion of cross-chain wallets in Xbox will allow the next generation of game developers to enable players to create and retain real value from in-game worlds, facilitating actual digital asset ownership, decentralized player-driven markets, and reduced fraud in digital economies.”
Microsoft is not opposed to blockchain technology and its applications as shown by its recent partnership with layer-1 blockchain network Aptos (APT) developer Aptos Labs to improve the capabilities of the Web3 ecosystem.
next
Mercy Mutanya is a Tech enthusiast, Digital Marketer, Writer and IT Business Management Student.
She enjoys reading, writing, doing crosswords and binge-watching her favourite TV series.
The team behind the viral decentralized social media platform Friend.tech has refuted a report that claimed that the personal information of more than 100,000 of its users was leaked.
The now-amended report, first posted by The Block, suggested that data posted by Banteg, a pseudonymous developer for Yearn Finance, was “leaked” information.
The Friend.tech team, however, clarified that the information came from scraping its public API.
“It’s like saying someone hacked you by looking at your public Twitter feed,” the official Friend.tech account argued.
This is just someone scraping our public API that shows the association between public wallet addresses and public Twitter usernames.
It’s like saying someone hacked you by looking at your public Twitter feed.
Irresponsible reporting from @TheBlock_ and @vishal4c https://t.co/GIXOWazqBk
— friend.tech (@friendtech) August 21, 2023
The post also received input from X’s (formerly known as Twitter) Community Notes contributors.
“The underlying data is public and anybody can work it out reading a block explorer: if you buy a share, 5% goes to the creator’s wallet and he will have needed to fund his wallet. The database only scraps that public info,” the community note reads.
Banteg originally published a repository of the publicly available scraped data, containing details of users on the Friend.tech platform on GitHub.
101,183 people has given friend tech access to posting as them, leaked db indicateshttps://t.co/yYYDqzUoON
— banteg (@bantg) August 21, 2023
This data included wallet addresses on Base, linked to the corresponding Twitter usernames for more than 101,000 users.
“101,183 people have given friend.tech access to post as them, leaked db (database) indicates,” Banteg wrote.
Banteg also gave criticism to the inaccurate interpretation of their initial post.
Meanwhile, X users also joined in to poke fun at the situation, with one user, Satsdart, posting a link to the Ethereum block explorer, humorously claiming that he had discovered “a leaked database showing ALL transactions on eth.”
i just found a leaked database showing ALL transactions on eth look guys https://t.co/4rrC6sBYJM
— satsdart (@satsdart) August 21, 2023
Notably, Banteg’s release of the data followed a post from blockchain analytics service Spot On Chain which found that Friend.tech’s API revealed specific sets of information not immediately available to everyday users of the app.
Related: ‘I give it six to eight weeks’ — Critics warn Friend.tech hype won’t last
2. The API of @friendtech also leaks the information
You can check the wallet generated by FriendTech by this API:https://t.co/uqb7V0FxLi
Just replace “0x317931c6b64f6058f688c7d62e84e1491a319dff” with the address you see on the contract. pic.twitter.com/mGrRax4Jd6
— Spot On Chain (@spotonchain) August 21, 2023
The most prominent example was that wallets created by certain users can be viewed through the API.
When asked how this information could be used, Spot On Chain said it could be used to game the system by allowing bots to near-immediately purchase shares of big accounts as soon as they signed up to Friend.tech.
“A lot of bots have already taken advantage of this, it monitors the contract, finds the big KOL, and buys shares before others,” wrote Spot On Chain.
Since its beta launch on Aug. 11, Friend.tech has seen its users engage in over 934,000 unique transactions and trade a staggering volume of 34,320 Ether (ETH) — $57,101,116 at current prices.
Magazine: Blockchain games aren’t really decentralized… but that’s about to change
Group IB’s analysis showed that most of the stolen ChatGPT login credentials were done by the notorious information-stealing malware Raccoon info stealer.
OpenAI’s chatbot ChatGPT has been hit by one of the most common forms of cyber attacks, causing the leakage of more than 100,000 login credentials. Singapore-based cybersecurity firm Group-IB revealed in a report that the login credentials were gradually released over the past year.
According to the June 20 report, Global-IB discovered 101,134 devices with saved ChatGPT credentials on the dark web. Credential theft started in June 2022 and peaked at 26,802 in May 2023. Also, the data traded on illicit dark web places between June 2022 and May 2023. Following its findings, the cybersecurity firm found that most ChatGPT credentials being offered for sale are from the Asia-Pacific region. About 40.5% of ChatGPT accounts stolen by info stealers over the past year came from the region. Following Asia-Pacific are the Middle East and Africa, Europe, Latin America, and North America, respectively.
ChatGPT, which has become a top technology tool since its announcement in November 2022, stores users’ queries and AI responses. Hence, unauthorized access to the account could lead to the exposure of confidential information. Hackers often target these sensitive data and can be exploited for attacks against companies and their employees. Group-IB noted that info stealers had deployed their simplicity and effectiveness to become major sources of compromised personal data.
Notably, Group IB’s analysis showed that most of the stolen ChatGPT login credentials were done by the notorious information-stealing malware Raccoon info stealer. The malware finds itself on victims’ computers via a phishing email. It collects credentials saved in browsers, cookies, bank card details, and even crypto wallet details. Blockchain analytics firm Chainalysis revealed that over $3 billion in crypto was stolen last year.
Furthermore, the cybersecurity leader highlighted the top 10 countries by the number of compromised ChatGPT credentials. India took the top position, followed by Pakistan and Brazil. Others are Vietnam, Egypt, the United States, France, Morocco, Indonesia, and Bangladesh. The Head of Threat Intelligence at Group-IB, Dmitry Shestakov, wrote:
“Many enterprises are integrating ChatGPT into their operational flow. Employees enter classified correspondences or use the bot to optimize proprietary code. Given that ChatGPT’s standard configuration retains all conversations, this could inadvertently offer a trove of sensitive intelligence to threat actors if they obtain account credentials. At Group-IB, we are continuously monitoring underground communities to promptly identify such accounts.”
In the report, the cybersecurity firm advises ChatGPT users to regularly update their passwords to protect their credentials. It also urged using two-factor authentication, which is additional security to their ChatGPT accounts.
next
Ibukun is a crypto/finance writer interested in passing relevant information, using non-complex words to reach all kinds of audience.
Apart from writing, she likes to see movies, cook, and explore restaurants in the city of Lagos, where she resides.