Cryptocurrency losses total $15 to $20 million
The cybercriminals can reset passwords for accounts such as Coinbase or Gemini, resulting in complete account takeovers. AT&T has acknowledged the unauthorized creation of secure mail keys and implemented updated security controls to prevent such activities. The company has also proactively mandated password resets for some email accounts and locked certain accounts as a precautionary measure. However, victims of this hack have reported losses totaling $15 to $20 million in cryptocurrency. One victim lost $134,000 from their Coinbase account, while another was targeted at least ten times since November 2022.Reddit users with AT&T email addresses also targeted
Multiple Reddit users with email addresses linked to AT&T and related services have also reported being hacked, with hackers allegedly deleting email notifications to avoid detection. The hackers have reportedly claimed to possess the entire AT&T employee database, providing them access to an internal employee portal called OPUS.AT&T denies any internal system breach
AT&T spokesperson Jim Kimberly has denied any breach of the company’s internal systems, stating that the hackers used API access and did not intrude into any system for this exploit. However, the extent of the damage caused by this hack is still unclear, with the company declining to disclose the exact number of individuals affected.Importance of strong password management and continuous security updates
This incident highlights the importance of strong password management and the need for companies to continuously update their security controls to prevent such breaches. It also serves as a reminder to cryptocurrency exchange users to secure their accounts with multi-factor authentication and to monitor their accounts regularly for any unauthorized activities. 
