Millions of AT&T users could be facing a severe threat as hackers claim to have breached the company’s core infrastructure. This alleged attack may allow cybercriminals to bypass two-factor authentication (2FA) sent via SMS, which millions rely on for security.
The breach claim surfaced on underground forums where hackers trade stolen data and exploits. Reportedly, the attackers implanted malicious software in AT&T’s systems for weeks, gaining read and write access to sensitive data affecting roughly 24 million users.
Hackers claim deep access to AT&T systems and data
A custom malicious payload allegedly deployed by attackers gave them control over AT&T’s core systems. This includes access to a live database storing phone numbers, subscriber names, device details, and security codes tied to SMS 2FA.
Cybersecurity experts warn this could allow SIM-swapping attacks, where a victim’s phone number is transferred to another SIM card controlled by hackers. Such attacks enable intercepting 2FA codes, potentially compromising bank accounts, email, and social media profiles.
Did you know?
SIM swapping attacks surged by over 400% globally between 2022 and 2025, exploiting mobile carrier system weaknesses.
How does the alleged breach affect AT&T customers' security?
If confirmed, this breach means attackers can manipulate user data in real time, not just exfiltrate static records. By controlling phone numbers at the carrier level, they effectively cripple the standard two-factor authentication process used by millions to protect online accounts.
Users relying solely on SMS-based 2FA face heightened risks, especially without additional protective measures like strong passwords or authenticator apps. This breach also raises concerns about the vulnerabilities of nationwide telecom networks.
ALSO READ | Cloudflare’s Fast Action Blocks Short-Lived 11.5 Tbps Distributed Denial of Service Attack
What risks do SIM-swapping attacks pose to users?
SIM swapping can have devastating impacts beyond just hijacking phone calls and texts. Attackers can use stolen 2FA codes to bypass security on financial institutions, social media platforms, and other digital services.
Victims of these attacks have reported substantial financial losses, including a recent case where attackers stole millions in cryptocurrency after gaining control of a mobile number. Hackers reportedly gained live access in this case, compounding the danger by allowing real-time interception.
Potential impact of live data access on user safety
Unlike regular data breaches, live access to core telecom systems means attackers can alter or reassign phone numbers on the fly. This dynamic control makes detection harder and could lead to prolonged unauthorized access.
AT&T has yet to confirm or deny the breach but is reportedly investigating. Customers should be vigilant for unusual account activity and consider upgrading security using app-based authentication and strong passwords.
This incident adds to a series of previous breaches at AT&T, with past incidents leading to multi-million dollar settlements. It highlights the ongoing cybersecurity challenges facing massive telecommunications infrastructure and the urgent need for stronger protections.
Comments (0)
Please sign in to leave a comment