In a stunning revelation, AT&T reportedly paid a hacker around $370,000 to delete stolen customer data, following a significant data breach earlier this year. According to a Wired report, the hacker provided a video as evidence of the deletion after receiving the payment.
Negotiations and Payment
AT&T conducted the negotiations through an intermediary named Reddington, who represented a member of the notorious ShinyHunters hacking group. The hacker initially demanded a staggering $1 million, but AT&T successfully negotiated the amount down to $370,000. The ransom was paid in bitcoin on May 17th, Wired reports.
Assurance of Deletion
Reddington, who was compensated by AT&T for his role in the negotiations, expressed confidence that the only complete copy of the stolen data was deleted after the ransom was paid. However, he cautioned that fragments of the data might still be circulating. Reddington also disclosed that he had negotiated with several other companies on behalf of the hackers.
The Broader Impact
Before AT&T disclosed the breach, it was reported that Ticketmaster and Santander Bank were also targeted. These breaches occurred through the stolen login credentials of an employee at third-party cloud storage company Snowflake. Wired notes that following the Ticketmaster attack, the hackers employed a script to potentially compromise over 160 companies simultaneously.
This incident highlights the increasing threat of cyber-attacks and the lengths to which companies may go to protect their customers’ data. The negotiation and payment underscore the complex and precarious nature of dealing with cybercriminals in an era where data breaches are becoming more frequent and sophisticated.