This browser does not support the Video element.
OAKLAND, Calif. - If you are an AT&T customer, you’re likely among the 73 million customers whose information was stolen from the communications giant and posted on the internet’s nefarious dark web. The staggering figure affects both current and former AT&T account holders' information that has been stolen.
In its latest data breach, AT&T said, it found the customers' information on the so-called "dark web" where hackers often post and sell sensitive information.
The 2019 customer information includes many Social Security numbers and four-digit pass codes.
Affected folks are or will be notified by AT&T by email or letters that their four-digit pass codes have already been changed and that it will pay for credit monitoring services as warranted.
Cybersecurity firm Deepwatch, helps companies monitor, detect, stop or mitigate as well as survive cyber-attacks. "They need an advocate who can help the companies secure the data better. They also need an advocate who can make it harder on those malicious," said Deepwatch Executive Bill Bernard.
But, many companies, thirsting for additional profits, use and sell consumer data. That creates motherlodes of data, that bad guys turn into money either by selling it or using it to rob the victims directly. "One of the first rules of cybersecurity is: you can't lose what you don't have in the first place," said Bernard.
Cyber-services provider Termly calculates that from 2020 to 2023, the top five yearly incidents combined, beached, hacked or exposed 2.5 billion accounts. The all-time top ten incidents saw 9.4 billion victims from the likes of Yahoo, Facebook and others.
FILE - A visitor walks past US multinational telecommunications AT&T logo. ( PAU BARRENA/AFP via Getty Images)
That number, though nowhere near the total number of big breaches, far, far exceeds the global population. Often, the worst offenders are in countries that sponsor or protect them.
So, should the U.S. government launch massive cyber counterattacks? "I'm sure we have capabilities that we could choose to use. The question is one of escalation or reprisal," said Bernard.
What about giant corporations fighting back? "Suggesting that they get involved in any sort of counterattack, is frankly more than they have the resources, the time or the expertise to do. It's a bit of a game of Whack-A-Mole unfortunately," said Bernard.
Artificial intelligence is being brought into the cyberwars on both sides. "People fight people at one level but, it's also machine fighting machine at another level," said the cyber expert.
One suggestion: making Social Security accounts requires a personal PIN number. The other: individual biometrics.