AT&T Hacked?

supton

supton

Joined
Nov 9, 2008
Messages
24,082
Location
NH

AT&T has launched an investigation into the source of a data leak that includes personal information of 73 million current and former customers.

In a news release Saturday morning, the telecommunications giant said the data was “released on the dark web approximately two weeks ago,” and contains information such as account holders’ Social Security numbers.
Click to expand...

Not sure what to make of this... for all the complaining about the lousy service I get from Tracfone they have but my email address.

Wondering if I should go look at the list of passwords I have, and think about changing them.
 
always a good idea.. and use a password manager so you can use complex passwords such as
^P%74oYw%8@t9*zGMwNm

and only have to remember 1 password.. I recommend bitwarden(free)
you just have to remember the master password.(which I change every 6 months)
 
supton said:



Not sure what to make of this... for all the complaining about the lousy service I get from Tracfone they have but my email address.

Wondering if I should go look at the list of passwords I have, and think about changing them.
Click to expand...

The difference between AT&T and Tracfone is pre-pay and post-pay so AT&T is extending credit. I don't remember giving Verizon my SSN but that was over 15 years ago now. And I transferred off of my mom's plan to my own.


Rand said:
always a good idea.. and use a password manager so you can use complex passwords such as
^P%74oYw%8@t9*zGMwNm

and only have to remember 1 password.. I recommend bitwarden(free)
you just have to remember the master password.(which I change every 6 months)
Click to expand...
Agreed

And with Log In with Device, you don't even have to remember your master password.

And then be sure to throw 2FA on top of that.


However, I firmly believe that it's just a matter of time before everyone has some level of information out there, if that's not already the case. I also firmly believe that we need to get to a point where it doesn't matter if someone has our SSN. I'm not sure how common it was in the 60s/70s but my Uncle engraved his SSN on a SLR camera body for identification. Makes me think it used to not matter as much as it does now.
 
supton said:



Not sure what to make of this... for all the complaining about the lousy service I get from Tracfone they have but my email address.

Wondering if I should go look at the list of passwords I have, and think about changing them.
Click to expand...
I received an email this past weekend to change my PW. ATT suspects the breach occurred at third party vendor rather than their own systems. The big issue with this type of breach is that the people use the same PW across many platforms.
 
I have a password that I used to use a lot that got hacked. Google knows it's hacked and warns me when I keep using it. It's used on low risk accounts like BITOG.
 
Rand said:
always a good idea.. and use a password manager so you can use complex passwords such as
^P%74oYw%8@t9*zGMwNm

and only have to remember 1 password.. I recommend bitwarden(free)
you just have to remember the master password.(which I change every 6 months)
Click to expand...
And how do the password managers manage to not get hacked? Seems like they would be prime targets.

racer12306 said:
However, I firmly believe that it's just a matter of time before everyone has some level of information out there, if that's not already the case. I also firmly believe that we need to get to a point where it doesn't matter if someone has our SSN. I'm not sure how common it was in the 60s/70s but my Uncle engraved his SSN on a SLR camera body for identification. Makes me think it used to not matter as much as it does now.
Click to expand...
Late 90's I recall using my SSN as my student ID in college. I questioned it back then. But the internet was still pretty new and all.
 
supton said:
And how do the password managers manage to not get hacked? Seems like they would be prime targets.
Click to expand...

You're right, they're prime targets.

However, password managers tend to have the toughest security algorithms out there because their business is security. Add on that many require a 2nd factor for authentication, it makes it much more difficult to crack into it.

Unless they do something as boneheaded as LastPass did the other year where an employee had raw vaults on his device for "testing" and then that person got hacked and the hackers got raw vaults with only password security, no 2FA. So all it took was cracking a password to access someone's vault which really isn't that hard with the right tools, no matter how complicated it is.
 
The big issue is you only hear about the hacks they find out about. A good hacker covers his tracks so well that the company never realizes they were there or for "Security Reasons" the company will not reveal they were hacked. You always have to be on guard but the fact is that the term Internet Security or Cyber Security is more of a wish than a reality.
 
We strictly use MVNO's in our household (US Mobile, Mint, Redpocket, etc.) I pay for 1 year plans in advance so they have no info for me on file other than my name and phone number. No SSN or CC to be found.
 
Rand said:
always a good idea.. and use a password manager so you can use complex passwords such as
^P%74oYw%8@t9*zGMwNm

and only have to remember 1 password.. I recommend bitwarden(free)
you just have to remember the master password.(which I change every 6 months)
Click to expand...
Password managers have been hacked in the past also.
 
I always laugh when my dentist, doctor etc want my SS number. I tell them to shove it and if they insist I move on. The cancelling of my business usually causes them to re-think their policy. I don't need my SS available to anyone at the dentist office. 'em!
 
Rmay635703 said:
Password managers have been hacked in the past also.
Click to expand...
Nothing is perfect.
I know people who use passwords such as Pass1word$ I'mRetired44 etc.
but when you need 20 or 30 passwords and have to change and remember them good luck and use a book I guess.

Bitwarden is a good mix of security and easy of use. Unless you are head of goverment target or Major CEO with a team of hackers or foreign country working on you.. it will suffice.
 
One can use an algorithm to pick a complex password that aids in remembering it. Here's an example (but not one I use). It's long enough to never be brute forced and is never going to show up in a rainbow table. (Rainbow tables are lists of hashed passwords that can be used to radically speed up cryptographic attacks if a database of logins is ever compromised.)

[SiteOrInstitutionName][YearOfSomeEvent][Adjective][Noun][SpecialCharacter]

BITOG1869PinkAvocado$
 
You must log in or register to reply here.

Similar threads

Jackson_Slugger
“The mother of all breaches”-Malwarebytes Offering Free Identity Scan
2
Replies
34
Views
2K
ka9mnx
L
  • Locked
Data leak includes passwords for this site.
Replies
17
Views
1K
himemsys
y_p_w
AT&T looking to end copper landline phone service in California
3 4 5
Replies
90
Views
4K
4WD
JHZR2
Horrendous AT&T cell service
5 6 7
Replies
129
Views
6K
Joe1
1 SX
How To: Use a GSM carrier (AT&T/T-mobile) in conjunction with CDMA (Verizon) on i-Phone with e-Sim activation.
Replies
3
Views
1K
PandaBear
Back
Top