Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Users' Data Target Of 'Targeted Attack' on AT&T

timothy posted more than 2 years ago | from the oh-the-files-are-inside-the-death-star dept.

Security 28

New submitter fran6gagne writes "AT&T [Monday] notified customers of an effort by hackers to collect online account information. It is not believed that the perpetrators of this attack obtained access to sensitive information." eWeek's account has a bit more detail.

cancel ×

28 comments

Sorry! There are no comments related to the filter you selected.

Double Negatives for Double Fun (2)

elysiuan (762931) | more than 2 years ago | (#38137122)

I don't don't believe that exposing user data is not not a big deal!

Re:Double Negatives for Double Fun (0)

Anonymous Coward | more than 2 years ago | (#38138640)

I trust my usb drive [hkcolordigital.com] rather than AT&T. Seldom do I drop my drive on the street, but now AT&T does!

Target of targeted attack? (0)

migla (1099771) | more than 2 years ago | (#38137144)

Is the redundant headline redundant?

Re:Target of targeted attack? (3, Informative)

Lunix Nutcase (1092239) | more than 2 years ago | (#38137238)

That's the brilliant "editing" work of timothy. The original articles used "organized and systematic" attack but timothy must have thought that was too clear and not redundant enough for the slashdot title.

Re:Target of targeted attack? (1)

wwfarch (1451799) | more than 2 years ago | (#38139860)

I think the title is saying there was an attack that tried to get data (Users' data was the target) from AT&T ('Targeted attack' on AT&T). Definitely a confusing headline but not actually redundant.

Re:Target of targeted attack? (1)

migla (1099771) | about 2 years ago | (#38145784)

Yes, I was partly being compulsively silly. The quotes convey the extra info that AT&T describes it as a targeted attack. A title without repetitition of words might have been "Targeted attack" for AT&T user info" or something...

lol (-1)

Anonymous Coward | more than 2 years ago | (#38137148)

Good thing their infrastructure uses the secure Mac OS X rather than Winblows or it would have been trivial to steal the info.

Of coarse not (1)

fish_in_the_c (577259) | more than 2 years ago | (#38137196)

"It is not not believed that the perpetrators of this attack obtained access to sensitive information"
if they had ATT certainly would not tell anybody ... and if they were REALLY good ATT wouldn't know.

Re:Of coarse not (1)

Jawnn (445279) | more than 2 years ago | (#38138926)

"It is not not believed that the perpetrators of this attack obtained access to sensitive information" if they had ATT certainly would not tell anybody ... and if they were REALLY good ATT wouldn't know.

Close, but I see that you are not fluent in corporate double-speak. Allow me to translate, my friend.
"We are not ready to grudgingly admit that the perpetrators of this attack obtained access to sensitive information. On advice from counsel, not to mention our friends at Sony, we going to go with that story, for now."

Re:Of coarse not (2)

DriedClexler (814907) | more than 2 years ago | (#38139668)

You need to learn how to translate this stuff:

"The attackers were not successful" -> They got the password hashes.

"The attackers were not able to gain access to sensitive data" --> They got the password hashes plus a bunch of private stuff we stored in cleartext because we're idiots.

"We have no reason to believe the attackers compromised sensitive data." --> They got everything.

Special Slashdot Memo #56544321986745637 (0)

Anonymous Coward | more than 2 years ago | (#38137218)

"It is not not believed"

should therefore read "it IS believed" the perpetrators gained access to customer information.

Yours In Ulanbator,
K. Trout, C.I.O.

(One of) My problems with AT&T... (4, Interesting)

jesseck (942036) | more than 2 years ago | (#38137314)

When I signed up for a UVerse account, they provided the login details. They had my username (previously tied to DSL), no biggie. But then the technician at the house was able to pull up my password. MY password. It's stored in a reversible manner (if encrypted at all)- why the fuck? This does not surprise me that AT&T was targeted, and I'm sure they have millions of customers that believe they password is safe. Since then, I don't trust AT&T or that account for anything important.

Re:(One of) My problems with AT&T... (2, Informative)

Anonymous Coward | more than 2 years ago | (#38138844)

Believe it or not, AT&T is actually pretty serious when it comes to sensitive personal information.
( I have to re-take the training at least yearly about it )

Full drive encryption on all desktop and laptop systems are pretty much the standard. Software firewalls and
anti-virus updated constantly. Forced password changes on a scheduled basis with complexity rules in full
effect. Access to servers which hold SPI are limited and those accounts are either passphrase level logins
or RSA SecurID tokens.

( All tokens were re-issued post RSA Data breach )

Network sniffers are in place everywhere. Firewalls are in place to isolate the many internal networks
within the company. Identifying the systems with your data is only part of the puzzle. Getting access to
them ( and the network they reside upon ) is a lot more work for an outsider.

Not just anyone in the company has access to your data. Only those groups that need access to it to do
their job. Will it stop the official evil employee from looking at your data if they have legitimate access ?
Of course not. You have to trust SOMEONE to access your data when necessary.

From an outside hack perspective though, the systems in general are definitely not wide open for the
world to see. They may not be up to NSA / Area-51standards, but they're pretty locked down.

Re:(One of) My problems with AT&T... (3, Interesting)

certain death (947081) | more than 2 years ago | (#38139062)

You mean they are serious about protecting _THEIR OWN_ data, not customers data.

Re:(One of) My problems with AT&T... (2)

gl4ss (559668) | more than 2 years ago | (#38139776)

I guess it would be smarter to target at&t dsl installers then.

then you'd get all passes.

Re:(One of) My problems with AT&T... (1)

Charliemopps (1157495) | more than 2 years ago | (#38140304)

Their customers data IS their own data. Didn't you know that?

Re:(One of) My problems with AT&T... (1)

rsborg (111459) | more than 2 years ago | (#38140214)

Believe it or not, AT&T is actually pretty serious when it comes to sensitive personal information.
( I have to re-take the training at least yearly about it )

AT&T is a multi-headed beast of a company with dozens of divisions. It's highly likely that in your area, AT&T may be highly security conscious while in the UVerse area, they couldn't secure two pieces of paper using a stapler... having reversible encryption is an incredibly bad security exposure (GP post's anecdote).

Forced password changes on a scheduled basis with complexity rules in full
effect.

This has actually proven to be bad, as folks will likely resort to writing down their passwords... or if they infrequently use the system, they just keep using the "forgot, email me" feature.

Re:(One of) My problems with AT&T... (1)

Charliemopps (1157495) | more than 2 years ago | (#38140392)

I used to work for ATT. People working in the same building don't even know the job responsibilities of people across the hall... much less across the country. ATT would do things like: Give one of their departments a free data line. This line was still billed, but they'd put it on an account that was paid by ATT itself. There were thousands of lines on these accounts and they'd bill in the millions, but it didn't matter because ATT would pay it themselves right? Well, the problems arose when ATT would lay-off the previously mentioned department. They'd fired everyone, and vacate the building. A few months later a new tenant would move in and find several WORKING T1s on the ATT network... some of them inside ATTs own internal cloud! They'd call ATT billing and request to have those lines removed... ATT would say they need a written statement ending service to disconnect. The tenants would explain that ATT was the customer, they need to write their own disconnect request... but ATT would refuse. Dishonest people would say "Fine" and write a fake disconnect request. (that actually would work) More dishonest people would just start using the T1s and say "Yay!" Honest customers, as usual, were screwed. ATT would let the line sit, usually for years, then figure it out and try to back-bill them for something they never asked to have installed, never used and had no way of removing.

Ah /. (-1)

Anonymous Coward | more than 2 years ago | (#38137518)

Get the important news of yesterday, Today!

Re:Ah /. (1)

Lunix Nutcase (1092239) | more than 2 years ago | (#38137596)

It's better than the two-day-old blogspam like the post about Linux kernel codenames that was nothing but a regurgitation of a wiki page.

phone numbers may be enumerated (4, Interesting)

Anonymous Coward | more than 2 years ago | (#38137608)

It appears that they are just enumerating which phone numbers are set up with online account access. This can be done via the account setup page. The login page itself will not tell you if an account exists or doesn't exist, but the setup page will. Likely, this is a first step to later brute force passwords. Given that the username is the phone number, they can then just try and find one that has an account set up with AT&T's web site. The daily internet storm center podcast had some details about this. http://isc.sans.edu/podcastdetail.html

Re:phone numbers may be enumerated (0)

Anonymous Coward | more than 2 years ago | (#38138504)

Ha ha! Shows you, my phone number is Sunset 9-3664.

Next up (3, Funny)

mr1911 (1942298) | more than 2 years ago | (#38138820)

It is not believed that the perpetrators of this attack obtained access to sensitive information.

AT&T does not consider any of its customer's personal data as "sensitive information".

Re:Next up (1)

Jeng (926980) | more than 2 years ago | (#38140058)

The article has a quote similar to that one, but with different wording that leaves them actually very little wiggle room.

âoeWe recently detected an organized and systematic attempt to obtain information on a number of AT&T customer accounts, including yours,â AT&T said in an e-mail to customers. âoeWe do not believe that the perpetrators of this attack obtained access to your online account or any of the information contained in that account.â

Considering the type of attack they describe this sounds more like a scouting mission rather than a full on attack.

Re:Next up (1)

Anonymous Coward | more than 2 years ago | (#38140962)

And, anyway, we won't know for sure until the charges start showing up on your next phone bill....

horrible security and privacy practise. (0)

Anonymous Coward | more than 2 years ago | (#38140818)

With things like this happening increasingly often, it really upsets me that carriers would store users passwords in plaintext (looking at your t-mobile).

I did a password reset on the t-mo website, and a text with my password was sent to my phone. This would be a tragedy if someone had stolen my phone.

+T-Mobile = Fatter Target (1)

Doc Ruby (173196) | about 2 years ago | (#38147472)

If AT&T gets T-Mobile, then the more monopolistic combined company will be a bigger target for attacks, which harm more people at once when successful.

Carrier diversity is yet another reason not to let AT&T continue to recover its total monopoly status.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>