AT&T reportedly pays $370,000 ransom

According to SC Media, AT&T reportedly paid a $370,000 ransom to hackers to delete the call data of more than 100 million users that was exfiltrated through a breach of the company’s Snowflake cloud environment in April.

The reported ransom payment has not been confirmed or denied by the major US telecommunications company or the FBI, but Zendata CEO Narayana Pappu pointed out that it was well under $2 million.

Meanwhile, AT&T said it had delayed public disclosure of the large-scale data breach, which was originally filed with the Securities and Exchange Commission in May, to avoid jeopardizing ongoing investigations with law enforcement. This is the first instance of an exemption from the data breach reporting requirement since the SEC implemented its cybersecurity rule in December.

Because the exposed AT&T data is similar to the bulk metadata that the National Security Agency (NSA) collected from telecommunications companies, revealed by Edward Snowden, such a delay in notification is justified, noted Ted Miracco, CEO of Approov.

“Keeping the breach secret allows the government to assess the damage and take appropriate countermeasures without exposing its surveillance infrastructure,” Miracco said.

You can read the full story here. AT&T reportedly paid $370,000 in ransom to hackers in exchange for deleting call records of more than 100 million users that were exfiltrated through a breach of the company’s Snowflake cloud environment in April.