AT&T security flaws exposed by Chinese hacks and crypto thefts
Telecoms giant AT&T has suffered a serious network breach by China-linked hackers, revealed by the Wall Street Journal (WSJ) just days after a $24 million case of cryptocurrency theft was reopened against the firm.
On Saturday, WSJ reported that US broadband providers Verizon, AT&T, and Lumen Technologies were among those found to have been targeted by Salt Typhoon — a highly sophisticated group believed to be sponsored by the Chinese state.
The months-long breach appears to have extended to wiretap systems, meaning that hackers may have gained access to sensitive information used by the US government for court-authorized wiretap requests. It remains unclear if foreign intelligence systems were also exposed.
Known among security experts as FamousSparrow and GhostEmperor, Salt Typhoon has been targeting hotels, government organizations, and telecoms firms since 2019. The group appears to mainly gather intelligence and steal data, rather than disrupt systems.
Read more: Russian hackers are using deepfake porn sites to steal crypto
Microsoft is reportedly investigating the breach. A spokesperson for the Chinese Embassy in Washington told WSJ that “China firmly opposes and combats cyberattacks and cyber theft in all forms.”
AT&T faces crypto theft case amid Salt Typhoon hack
While the far-reaching effects of the hack remain unclear, AT&T must also deal with a seven-year-old case of cryptocurrency theft that was unanimously reopened by an appeals court on Sunday, shining an extra spotlight on the responsibility of telecoms providers to protect customer data.
Crypto investor Michael Terpin is seeking a total of $45 million in damages, interest, and legal fees from AT&T after an employee was bribed into copying Terpin’s SIM card, allowing a 15-year-old hacker dubbed ‘Baby Al Capone’ to circumvent two-factor authentication and steal $24 million in cryptocurrency.
Though originally filing 16 charges against AT&T, only three have stuck — those claiming that AT&T broke a responsibility to protect Terpin’s SIM card information under Section 222 of the Federal Communications Act, referred to as customer proprietary network information (CPNI).
Read more: OKX SIM-swap leads to discovery of 2FA security flaw
“Adopting AT&T’s constrained view of CPNI would lead to absurd consequences,” the three-judge panel of the Ninth Circuit Court of Appeals wrote following its decision.
The high-profile nature of Terpin’s crypto theft case against AT&T, coupled with what appears to be a major security breach by Chinese state-sponsored hackers, has placed extra pressure on telecoms providers to safeguard customer data, and could set a legal precedent.
The case Terpin v. AT&T will now be remanded to the US District Court in Los Angeles for trial.