As a seasoned crypto investor and cybersecurity enthusiast, I’ve seen my fair share of data breaches and their devastating consequences. The recent AT&T breach is a stark reminder of how vulnerable centralized systems are to external threats. I wholeheartedly agree with Tim Kravchunosky, the CEO of Chirp, that blockchain technology could have significantly improved AT&T’s data storage and protection.
Tim Kravchunosky, the CEO and founder of decentralized telecommunications company Chirp, has expressed his disapproval over the recent AT&T data breach, stating that such an incident is “completely unacceptable.” In his opinion, AT&T could have prevented this security lapse by utilizing blockchain technology to store their data.
Blockchain Will Help AT&T Improve Data Storage and Protection, Says Chirp CEO
The executive underscored the importance of securely storing databases in light of the recent security incident, emphasizing the potential benefits of decentralized options that are generally more effective against external attacks.
“By keeping data on an unchangeable record and continuously monitoring for threats in the present, Kravchunosky explained, enables a quick reaction to prevent a security incident from materializing.”
The executive went on to explain that although a distributed ledger cannot completely prevent data breaches, it can enhance data security substantially.
He pointed out that while a data breach similar to AT&T’s cannot be completely ruled out if data is stored on the blockchain, the probability is significantly reduced. Moreover, a key advantage of blockchain technology is its transparency, making it virtually impossible for breaches to go undetected for extended periods of time like the two-year cover-up mentioned.
Last Friday, AT&T disclosed that unauthorized individuals had gained access to and copied their call logs from a third-party cloud service. The company discovered this breach during an internal probe carried out in April. It’s important to note that the accessed data did not contain the actual call content or messages, as well as personal customer information.
As an analyst, I’ve discovered that the hackers managed to obtain metadata in their intrusion at AT&T. This data encompassed phone numbers among other details. In a disclosure made to the US Securities and Exchange Commission (SEC), AT&T acknowledged that large quantities of such information can be scrutinized to uncover patterns and relationships between individuals. However, it’s important to note that further investigation is essential, as per the cautionary words of Professor Thomas Rid, a strategic studies expert, to ascertain the extent of involvement of the hackers in AT&T’s system.
Having someone’s metadata at your disposal allows you to access information about their daily routines and regular locations. This means you can determine roughly when they leave for work and return home, as well as where they typically spend their nights.
It is said that the hackers obtained access to data regarding texts and calls exchanged between the dates of May 1 to October 31, 2022, and January 2, 2023.
AT&T Paid Hackers More Than $370,000 to Delete Data
Based on a Wired article, AT&T reportedly paid hackers approximately $370,000 in Bitcoin to eliminate the data and supply a video as proof of elimination. According to the report, the payment was received by the hacker in May, with their Bitcoin addresses presented as evidence. Using an online blockchain tracking tool, Wired verified a Bitcoin transaction worth 5.7 BTC on May 17. Additionally, TRM Labs’ head of global investigations Chris Janczewski independently confirmed a Bitcoin transfer valued at $373,646 at the time. The hacker subsequently moved the funds through various crypto wallets and exchanges.
A security expert named Reddington acted as a go-between for the hacker and AT&T, reportedly earning over $300,000 as compensation. Reddington even presented Wired with evidence of the payment receipt. According to Reddington’s belief, the hackers genuinely erased the stolen data since it was located on a cloud server that Reddington could access as well.
Allegedly, the hacker is a member of ShinyHunters, a hacking group notorious for data theft.
Read More
Sorry. No data so far.
2024-07-16 14:58