Telecom giant AT&T reportedly paid a hacker approximately $370,000 to delete customer data stolen during a hacking spree earlier this year.
The company negotiated through an intermediary, called Reddington, who acted on behalf of a member of the ShinyHunters hacking group, according to Wired, which first reported on the news. Initially, the hacker demanded $1 million, but AT&T managed to reduce the amount to $370,000, which it paid in bitcoin. The hacker reportedly provided a video as proof of the data’s deletion.
Reddington, who facilitated the negotiations and received payment from AT&T for his role, believes the only complete copy of the data was deleted after the ransom was paid. However, he cautioned that snippets of the information might still be available online, meaning AT&T’s ordeal is not entirely over.
Reddington reportedly negotiated with several other companies on behalf of the hackers.
News of the AT&T falling victim to a hack attack in May made headlines on Friday that affected “nearly all” of the company’s tens of millions of customers. The leak occurred through AT&T’s use of a cloud data provider called Snowflake, whose servers have been targeted by hackers in the past. During the attack, malicious coders obtained a vast amount of detailed records.
More specifically, the stolen data from AT&T’s archive included phone numbers called and texted by subscribers, call durations, and the total number of calls and texts made between May and October 2022.
Although AT&T emphasized that the stolen data did not include the content of calls or texts, TechCrunch reports that the archive contains significant information on user phone habits, which could be personally or professionally sensitive for some users.
The payment to the hacker took place later that month.