Telecommunications company AT&T Inc. may have been hacked, as a well-known hacker advertised a database from the company with more than 70 million customer records.

The listing on the hacking site Raid Forums, from ShinyHunters, claims that the database includes Social Security numbers and dates of birth. In a change from a typical offer, Shiny is offering the data on a bidding basis. The first bid starts at $200,000 with bids going up $30,000 each after that. “Flash,” presumably a “buy it now” price, is $1 million.

A random person posting on Raid Forums mostly wouldn’t warrant attention, but Shiny is known for its reliable hacks and offerings. Shiny has “God” tier status on Raid Forums, the highest rating available with a reputation score of 2,244. Shiny’s previous hacks and data offerings include Pixlr in January, MeetMindful the same month and Dave in July 2020.

The alleged stolen data includes full names, addresses, zipcodes, date of birth, email addresses and Social Security numbers.

In an email to SiliconANGLE, a spokesperson for AT&T denied that the data belonged to it. “Based on our investigation today, the information that appeared in an internet chat room does not appear to have come from our systems,” the spokesperson said.

The alleged hack and ShinyHunters offering comes as a hack of T-Mobile, which was first known through a post on Raid Forums, continues to gain media attention. T-Mobile was first reported to be investigating a potential hack on Aug. 15 after a Raid Forums member called “Subvirt” advertised the stolen data for sale for six bitcoin ($283,000). Forward to Aug. 16 and T-Mobile confirmed it was hacked, yet again.

T-Mobile arguably has the worst record when it comes to data security and hacking among U.S. telcos. Previous hacks involving T-Mobile include the theft of the details of 2 million customers in August 2018, a hack involving the theft of prepaid customer data in November 2019, the theft of employee and customer data in March 2020 and a “security incident” involving “malicious, unauthorized access” to some information related to T-Mobile accounts in January.

The company subsequently said Aug. 18 that it believed that the details of 48 million people had been compromised in the hack. The data stolen included records belonging to just over 40 million former or prospective customers who had applied for credit, along with 7.8 million current customers of T-Mobile’s postpaid internet plans.

Photo: Bill Bradford/Flickr