NPI Tech Guys

NPI Tech Guys


Digital Shadows: Navigating the Aftermath of Major Data Breaches and Ransomware Payments

March 30, 2024

* AT&T Says Data From 73 Million Current and Former Account Holders Leaked on Dark Web - Tom Ozimek.

Data from roughly 7.6 million current account holders and 65.4 million former account holders were released on the dark web, AT&T said.

AT&T said it had reset passcodes for 7.6 million current account holders affected by the leak.

“We will be reaching out to individuals with compromised sensitive personal information separately and offering complimentary identity theft and credit monitoring services,” the company said in a statement.

AT&T said it hasn’t found any evidence of unauthorized access to its systems that resulted in data being stolen and that it has launched a “robust” investigation into the incident with the help of outside cybersecurity experts.

* 37 million T-Mobile customers were hacked | CNN Business - Jan 19, 2023.

* Twitter’s Data Leak Exposes Over 5.4 Million Users.

* Earlier this year, Twitter confirmed that an API vulnerability had caused a massive data leak containing non-public information for over 5.4 million Twitter users - Used with permission from Article Aggregator.

Twitter denied claims that hackers had leaked the private information priorly. However, Pompompurin, the owner of the hacking forum Breached, stated they were responsible for exploiting the API bug and platforming the data after another hacker shared the vulnerability with them.

The stolen data includes public information like Twitter IDs, account names, logins, locations, and verified status. In addition, private information like phone numbers and email addresses have also been exposed. Fraudulent activities such as phishing could be carried out using this information.

In addition to the breach of the 5.4 million active accounts, private information for roughly 1.4 million suspended Twitter profiles were also shared using the same API bug. While the extent of the data breach is not fully known, security expert Chad Loder stated that information for "tens of millions" of Twitter users might have been collected using the same API bug.

To keep yourself safe, disregard emails claiming to be from Twitter that state your account is suspended. In addition, be skeptical of emails about issues logging in or the account is about to lose its verified status. These emails are probably attempting to phish for your private information to use in fraudulent activities.

* HaveIBeenPwned.com

* Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment!

The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.

On March 1, a Bitcoin address connected to AlphV received 350 bitcoins in a single transaction, or close to $22 million based on exchange rates at the time.