AT&T admits that hackers stole ‘nearly all’ customers' phone records

Yay! Another year of free credit monitoring.

Now everybody can do their own NSA-style surveillance on the US population!

There have been so many huge data breaches in the past 10 years or so that everyone is on a list somewhere on the dark web. I would say that digital security is so important in the modern world that it should be in the hands of government, rather than for profit companies, only governments have proved themselves as incompetent as anyone else.

and any security policy that assumes a “Social Security Number” is a secret is broken

Luckily AT&T not only failed to secure the data; but are busily providing perverse incentives!

I’m unclear on what sort of video could constitute “proof of deletion” for something that can be copied trivially; but AT&T has paid over $300k for it, which certainly won’t help misalign incentives any further…

Well, good thing this happened to one of the world’s most massive communications corporations! They’ll know exactly what to do, V quickly inform all those affected, and continue to provide ever more robust data protection for their zillions of customers!

Oh, wait…

AT&T paid over $300K to a hacker to delete the files from a cloud service just because the hacker said there were no other copies. Why wouldn’t they copy the files first?

$300K is just loose change for AT&T, but I suspect it was paid purely to give them a veneer of deniability when this info is used in future identity theft. “Oh no, that couldn’t be from the breach of our customer data that we insecurely stored without MFA, because we have video proof those files were deleted.”

Even ATT’s best legal counsel couldn’t get away with that argument, and I’m sure they know it. So, it’s either pay them with the hope of having the files deleted or just nothing done with the data, or not paying them and have half the country in an uproar when the hackers then start doing interesting things with the data.

ATT: Damned if they do… but exponentially damned if they don’t.

Do they ever say WHY they stored that information in the first place? Don’t store shit, can’t steal shit.

Discussion:

our workspace on a third-party cloud platform somebody else’s computer.

What kind of doll is that? I’m not familiar with it. (Fashion doll collector over here ).

It’s a Picco Neemo doll from Azone International. It’s their 1/12 scale line; more or less a miniature version of their Pure Neemo (1/6) scale dolls. It’s a custom head (blank head, I put the eye decals on).

Because data is a way to make money. They don’t give two shits about leaks. At this point, I’m guessing every single person in the US has been the victim of a data breach, one way or another.

Interesting. I’ve definitely seen those bodies on AliExpress. Very neat.

OH MAN! 127 million customers’ data? I’m glad I’m not an AT&T share-holder. They’re gonna get killed with penalties and fines! /s

Sarcasm aside, it is long, long past the time where we should allow this to happen unchecked by regulation and law. Until disasters like this crush the shareholder prices, and the negligent face jail time, the capitalists in charge are not going to fix this for us.

At this point I’m surprised that ATT hasn’t just lobbied successfully for the right to sell any data they wish to anyone who pays.