Unknown hackers have reportedly gained access to the email accounts of people with AT&T email addresses and are using that access to break into victims’ cryptocurrency exchange accounts and steal their digital assets.
According to an anonymous source who contacted TechCrunch at the beginning of the month, the hackers have found a way to break into the account of anyone with an att.net, sbcglobal.net, bellsouth.net, or other AT&T email address. The hackers are reportedly able to do this because they have access to a part of AT&T’s internal network that allows them to create mail keys for any user.
With a target’s mail key, the hackers can log into the target’s account via email apps like Thunderbird or Outlook and start resetting passwords for more lucrative services like cryptocurrency exchanges.
AT&T spokesperson Jim Kimberly stated that the company had “identified the unauthorized creation of secure mail keys, which can be used in some cases to access an email account without needing a password. We have updated our security controls to prevent this activity.” The company also proactively required a password reset on some email accounts as a precaution and locked some email accounts, forcing their owners to reset their passwords.
The report also suggests that the hackers may have access to AT&T’s internal VPN after obtaining an API access key. According to the anonymous source, the hackers have made between $15 and $20 million in stolen crypto, but this claim could not be independently verified by TechCrunch.
One victim told TechCrunch that hackers had stolen $134,000 from his Coinbase account, while another victim stated that this has been happening repeatedly since November 2022. Several people with AT&T and other related email addresses also reported on Reddit that they had been hacked.
As cryptocurrency becomes increasingly popular, hackers have become more sophisticated in their methods of attack, and incidents like this serve as a reminder of the importance of strong security measures. Users are advised to use two-factor authentication and avoid reusing passwords across multiple accounts.
AT&T users who suspect that their accounts have been compromised should immediately reset their passwords and enable two-factor authentication.