AT&T thwarts hacking attempt on mobile accounts

AT&T said today that it successfully thwarted what appeared to be an attempt by someone to steal mobile customer data.

"We recently detected what could have been an organized attempt to obtain information on a number of customer accounts," AT&T spokesman Mark Siegel said in a statement. "The people in question appear to have used autoscript technology to determine whether AT&T telephone numbers were linked to online AT&T accounts."

No accounts were breached, he said, adding that less than 1 percent of AT&T's 100 million wireless accounts total were affected, or 1 million accounts.

"Our investigation is ongoing to determine the source or intent of the attempt to gather this information," Siegel said. "In the meantime, out of an abundance of caution, we are advising the account holders involved."

The company sent an e-mail to the accounts that were affected.

While AT&T did not provide details on what happened, the larger goal could have been to steal credit card or bank account information via phishing. If attackers were able to match online account information with mobile phone numbers they could send messages to customers pretending to be AT&T and trick them into revealing their data.

Hackers last year were able to retrieve e-mail addresses and other data of iPad 3G subscribers because of a flaw in AT&T's customer Web site that automatically filled in the e-mail address based on the integrated circuit card identifier (ICC-ID) in the iPad's SIM card. The hackers created a script called the iPad 3G Account Slurper that sent HTTP requests to the site with random ICC-IDs and logged the corresponding e-mail address. This information could have allowed them to steal credit card data from customers by sending phishing e-mails purportedly from AT&T or Apple.