Did AT&T Pay $400,000 in Bitcoin to Hackers for Stolen Data?

In 2022, new allegations suggested that the telecoms firm AT&T Inc. hired hackers who claimed to have hacked the telecommunication network and stolen vital information. These hackers claimed to have stolen the information. According to the statements made by one of the cybersecurity hackers, the vicious gang received a payment of $400,000 from the corporation, which appears to be a ransom.

The Ransomware Payment Made by AT&T to Cybercriminals

The hacker claims that, as stated in a Bloomberg report, they demanded $400,000 from AT&T to destroy the data trove of critical call and text logs. Over the course of six months, these data were stolen from nearly all of AT&T's cellphone subscribers.

The media's efforts to obtain the global holding firm for telecommunications to comment on the hacker's assertion regarding the ransom payment were unsuccessful. At the same time, the Federal Bureau of Investigation and authorities from the Department of Justice declined to acknowledge whether or not the corporation had made any payments at the time.

On the other hand, a ransomware expert who wished to remain anonymous due to the topic's sensitive nature revealed that AT&T had paid the hacker the ransom. Additionally, the hacker provided an address for a Bitcoin wallet, and an examination of that address revealed what experts regard to be a transaction that is most likely to be an extortion attempt around the middle of May.

While this is going on, the well-known Chainalysis Inc. has conducted a study of the publicly accessible ledger, which reveals some interesting movements. An unknown party deposited Bitcoin with a value of $380,000 at the moment into the wallet address that the hacker provided, as stated by Chainalysis. This indicates that there looks to be an extortion payment.

After that, a smaller sum was transferred from the wallet to the wallet of a notorious hacker, which Chainalysis declined to disclose. According to the company's study, however, it was not possible for the company to verify or determine whether AT&T initiated the payment.

The use of an intermediary by the telecommunications firm is another question that cannot be answered.

Historical Payments Made for Ransomware

It is important to note that the hacker provided information and an approximately seven-minute video claiming to be evidence that they had deleted the stolen material. In accordance with their assertions, the action was carried out to meet their obligations to AT&T.

On the other hand, other analysts believe that $400,000 was significantly low when considering the specifics and importance of the material that was allegedly stolen and that presented threats to national security. According to them, several other ransomware assaults have been successful in extorting higher sums of money from corporate entities.

An excellent illustration of this is the data breach at Colonial Pipeline Company. Because of the attack, the company was compelled to shut down its pipeline, which affected the supply of gas to the East Coast of the United States. As a result, the company was required to pay a gang of hackers $4.4 million in fiscal year 2021.