Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
AT&T Bitcoin Crime

AT&T Paid $370,000 For the Deletion of Stolen Phone Call Records (wired.com) 40

AT&T paid more than $300,000 to a member of the team that stole call records for tens of millions of customers, reports Wired — "to delete the data and provide a video demonstrating proof of deletion." The hacker, who is part of the notorious ShinyHunters hacking group that has stolen data from a number of victims through unsecured Snowflake cloud storage accounts, tells WIRED that AT&T paid the ransom in May. He provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it. WIRED confirmed, through an online blockchain tracking tool, that a payment transaction occurred on May 17 in the amount of 5.7 bitcoin... The hacker initially demanded $1 million from AT&T but ultimately agreed to a third of that. WIRED viewed the video that the hacker says he provided to AT&T as proof to the telecom that he had deleted its stolen data from his computer...

AT&T is one of more than 150 companies that are believed to have had data stolen from poorly secured Snowflake accounts during a hacking spree that unfolded throughout April and May. It's been previously reported that the accounts were not secured with multi-factor authentication, so after the hackers obtained usernames and passwords for the accounts, and in some cases authorization tokens, they were able to access the storage accounts of companies and siphon their data. Ticketmaster, the banking firm Santander, LendingTree, and Advance Auto Parts were all among the victims publicly identified to date...

The timeline suggests that if [John] Binns is responsible for the AT&T breach, he allegedly did it when he was likely already aware that he was under indictment for the T-Mobile hack and could face arrest for it.

This discussion has been archived. No new comments can be posted.

AT&T Paid $370,000 For the Deletion of Stolen Phone Call Records

Comments Filter:
  • by DigitalSorceress ( 156609 ) on Sunday July 14, 2024 @02:30PM (#64624983)

    When asked why he robbed banks, Willy Sutton replied "that's where the money is"

    Ransomware is going to continue to be a problem so long as the perpetrators make money - whether people pay to recover their data or to try and avoid embarrassment or even to keep the info from being sold on the "dark web" doesn't matter - they do it because they can make money from it.

    I can't help but think that companies who pay such ransoms are just fueling the profitability, making it worth doing.

    • by geekmux ( 1040042 ) on Sunday July 14, 2024 @02:36PM (#64624989)

      I can't help but think that companies who pay such ransoms are just fueling the profitability, making it worth doing.

      As a taxpayer, I cannot help but think that any company that pays a ransom should not receive one fucking dime of Federal funding for any reason, and should immediately be ineligible for any Too Big To Fail bullshit excuse to save them from their own corrupt financial fuckery.

    • For many organisations not paying could equate going out of business, so the pay, to stay in business. This is now the main reason to have cyber insurance, which is then often required by customers. The âwe donâ(TM)t negotiate with terroristsâ(TM) stuff doesnâ(TM)t really work. Almost everyone negotiates, and those who donâ(TM)t, are able to accept the losses.
    • by gweihir ( 88907 ) on Sunday July 14, 2024 @05:32PM (#64625203)

      I can't help but think that companies who pay such ransoms are just fueling the profitability, making it worth doing.

      That is exceptionally obvious. Without all the unprepared assholes that paid, there would not be a ransomware crisis today. The other factor is crapcoins, that made large-scale and easy money-laundering possible.

      • by Slayer ( 6656 )

        While crypto coins make unhindered movement of assets quite easy, it's not the main determining factor here. Remember, how Nigerian scammers had money sent to them through Western Union and similar services. Main reason they switched to crypto for this is because it's cheaper and easier than Western Union. Remember: AT&T wanted to the perps to get this money. They were extorted, not defrauded. WU would not have interfered with that transaction.

        The real culprit here is legal immunity of the perps. Their

    • by gavron ( 1300111 )

      As a taxpayer I don't think any corrupt congressman, ex-president, or supreme court butlicker should get any taxpayer funds either.
      Corruption, lack of accountability, and all with our taxpayer dollars is why our country's leadership is crap, and when they won't police themselves, they won't police the police OR the corporations lining their pockets with moare.

    • by DarkOx ( 621550 )

      By that same token as a customer - I'd rather they pay the ransom. My view is they have an obligation to protect me, their client, in anyway they can after a breach. That absolutely includes pay the attackers to 'hopefully' delete the stolen data or at least not publish it.

      I agree that it does - make crime pay - to some extent and that perhaps raises the risk in some unknowable way to unrelated parties. However someone decided to try digital - hostage taking ransom schemes, in the first place when there wa

  • how? (Score:5, Insightful)

    by groobly ( 6155920 ) on Sunday July 14, 2024 @02:41PM (#64624993)

    How can a video provide proof of deletion? AT&T never heard of backups?

    • Its $370K for an attempted PR save.
    • Re: how? (Score:4, Interesting)

      by joller ( 9083627 ) on Sunday July 14, 2024 @03:33PM (#64625063)
      I was also initially surprised, but turns out itâ(TM)s a common practice in the industry. Shows you have âtaken reasonable stepsâ(TM) in court.
      • by gweihir ( 88907 )

        Seriously? _That_ shows "reasonable steps" when it does not get any more unreasonable?

        • I'm assuming this is based on a legal judgement in some class-action lawsuit where a judge ruled these to be 'reasonable steps'. That would be stupidity and/or corruption of the legal system. But maybe there's been no such precedent and the corpos have been advised by the legal department that this should help get them off the hook in a possible class action lawsuit. Not sure, neither judges nor upper management are known for their IT literacy. Although this isn't so much IT literacy as it is just common se

      • by kmoser ( 1469707 )
        Yeah, but in the process of taking "reasonable steps" you also extorted $300,000, so why bother? If you're in court, they'll get you for theft and extortion; failure to delete the data is the least of your worries.
    • My first thought, how can you possibly prove it.
    • by gweihir ( 88907 )

      Or copies? Well. Maybe, just maybe they paid that sum for the appearance of "doing something". But terminal stupidity in corporate leadership is not unheard of.

    • >"How can a video provide proof of deletion? AT&T never heard of backups?"

      I was going to post the same thing. How ridiculous. There is *no way* to prove or validate that data has been deleted everywhere. Showing it "deleted" in one place is completely meaningless. It might validate that person is accepting a contract and performing some "consideration" for payment. But that is a legal thing and, again, meaningless when you are dealing with someone who is essentially an anonymous criminal.

      Really,

      • by unrtst ( 777550 )

        IANAL/etc, but maybe this is for the other end of the books? IE: by having them provide a video of a specific act, it can be considered a work for hire payment, rather than ransom. They paid for the video, so it's a valid purchase/sale and can be reported as such to the various authorities (tax/sec/etc..).

    • I deleted your post and now nobody will see it.

      All hail the might Alt-F4. (Or ^Q).

      What? You mean everyone else can still see it? Well give me my deletion-fee back! -- AT&T Execubot

    • How can a video provide proof of deletion? AT&T never heard of backups?

      AT&T paid $370k for them not to release the data or sell it to a 3rd party in the short to medium term.

      The idea that all copies of the data got deleted as well is just a convenient fiction that both sides agreed on.

      • by unrtst ( 777550 )

        AT&T paid $370k for them not to release the data or sell it to a 3rd party in the short to medium term.

        IMO, that's the marketing version. The real version is, "AT&T paid $370k for a short video clip."

        Paying for a promise of behavior is probably chock full of issues beyond the blatantly obvious - the inability to actually prove all copies have been deleted. Paying for a video clip is a straight forward purchase one can file and deduct.

        • AT&T paid $370k for them not to release the data or sell it to a 3rd party in the short to medium term.

          IMO, that's the marketing version. The real version is, "AT&T paid $370k for a short video clip."

          Paying for a promise of behavior is probably chock full of issues beyond the blatantly obvious - the inability to actually prove all copies have been deleted. Paying for a video clip is a straight forward purchase one can file and deduct.

          Did you actually read my 2 line comment?

          The marketing version is they deleted the content.

          The actual version is they paid for them not to release the content, hopefully forever, but at least a few years.

          And the actual version is fairly reasonable. The biggest value of the information comes from the threat to release it, no one else will pay much, so after that "promise to delete" ransom payment there's not much value in it.

          And if you do try to go after them again, or you start auctioning off the data, then

          • by unrtst ( 777550 )

            Did you actually read my 2 line comment?

            Yes, of course. And though I agree that the marketing version is they deleted it, I think there is a different and fairly obvious motivation for the video clip.

            IMO, the purpose of the video clip has little to nothing to do with proof of deletion - we all know that proves no such thing. However, the video clip could provide something very useful to AT&T - a product to associate with the purchase price. They can't just dump hundreds of thousands of dollars into anonymous accounts for nothing but the hope

    • "Gullible is written on the ceiling," someone says

      *everyone looks up*

    • Dude, the blackmailers *promised* they'd delete it and not keep any copies. Don't you trust them?
  • by Anonymous Coward

    Calling the company "Snowflake" was a leading indicator of their attitude toward sustainability, security, etc.

  • Danegeld (Score:5, Insightful)

    by davidwr ( 791652 ) on Sunday July 14, 2024 @02:49PM (#64625007) Homepage Journal

    "We never pay any-one Dane-geld,
          No matter how trifling the cost;
    For the end of that game is oppression and shame,
          And the nation that plays it is lost!"

    Rudyard Kipling, 1911

    link to more about the poem and the term [kiplingsociety.co.uk]

  • by gweihir ( 88907 ) on Sunday July 14, 2024 @05:27PM (#64625193)

    What is that supposed to be? Have we reached peak stupid?

    • What is that supposed to be? Have we reached peak stupid?

      Peak implies that we're at the upper limit.

      "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."

      Albert Einstein

    • by feufeu ( 1109929 )

      Shhhh ! You have just invoked Betteridge's law.

  • These are not my phone records or yours.

    They are phone records which could expose serious skulduggery by ATT, other tech companies, corporate heads, politicians, etc.
  • This settlement is missing at least one zero. Piker. Should have threatened to steal his pajamas.

  • Cost of protecting your data: A lot.
    Cost of offering useless "LifeLock" once you get caught not protecting the data: Some.

    Cost of paying a hacker to pretend to delete your data and send you a "video" of it: Virtuall nothing.

    AT&T Executives: WooHoo!!! This is the most cost effective solution for our shareholders.

    Fuck you large companies that don't bother securing user data and then pay for NO SECURITY.

    This is one case where LARGE FINES would make a difference, because they would encourage others to

  • I'd wager $10 they paid someone 6 BTC for that video proof showing the data being deleted.

"So why don't you make like a tree, and get outta here." -- Biff in "Back to the Future"

Working...