AT&T email accounts reportedly broken into to steal crypto

Hackers have reportedly been breaking into AT&T-provided e-mail addresses, and utilizing this entry to steal massive portions of cryptocurrency, TechCrunch stories. Whereas it’s not clear how many individuals have been impacted, one alleged sufferer claims to have misplaced $134,000 from a Coinbase account related to a compromised e-mail deal with. Electronic mail addresses with att.internet, sbcglobal.internet, and bellsouth.internet domains have all reportedly been affected. 

The vulnerability revolves round mail keys, which are supposed to enable customers to log into AT&T e-mail accounts through shoppers like Outlook or Thunderbird. In some way, attackers seem to have discovered a option to generate these keys with out the information of the proprietor of an e-mail account. As soon as they’ve entry, they will request password resets from cryptocurrency exchanges like Coinbase or Gemini (together with, presumably, many different on-line accounts related to the e-mail deal with).

AT&T spokesperson Jim Kimberly confirmed to TechCrunch that the corporate had “recognized the unauthorized creation of safe mail keys, which can be utilized in some instances to entry an e-mail account while not having a password.”

The tipster that alerted TechCrunch to the problem stated that hackers have been in a position to create these mail keys as a result of they’ve entry to an inner AT&T system. However AT&T’s Kimberly disputes this. “There was no intrusion into any system for this exploit. The dangerous actors used an API entry,” they stated.

“We’ve up to date our safety controls to stop this exercise. As a precaution, we additionally proactively required a password reset on some e-mail accounts,” Kimberly stated. “This course of worn out any safe mail keys that had been created.” AT&T didn’t instantly reply to The Verge’s request for remark asking whether or not it believes the safety concern has been totally resolved.

It’s not clear how lengthy the issue might have existed, however one sufferer informed TechCrunch that they’d been experiencing ongoing points with their mail keys since November final yr. This Reddit submit (additionally from November) mentions an identical concern. 

The incident highlights how an e-mail account could be a single level of failure for a lot of a consumer’s on-line life. Entry the account and also you entry all of the related providers. On this case, these providers reportedly included cryptocurrency, making potential losses even higher.