Massive AT&T Data Leak Exposes 86 Million Customer Records with Decrypted SSNs

A newly disclosed breach has shaken the cybersecurity landscape: hackers have leaked a massive dataset containing over 86 million AT&T customer records, including decrypted Social Security Numbers (SSNs). Originally posted on a Russian cybercrime forum in May 2025 and reuploaded in early June, the dataset has now spread widely across threat actor channels. What's in the Leak? The exposed records contain: Full names Dates of birth Phone numbers Email addresses Physical addresses Approximately 44 million decrypted Social Security Numbers The threat actor claims that both SSNs and dates of birth were encrypted in the original source but have now been fully decrypted-indicating either a failure in encryption management or additional compromise. Possible Connection to Previous AT&T Breaches While AT&T has previously suffered data breaches, including the 2024 Snowflake-related breach affecting 110 million users' call and text metadata, this incident appears different. That earlier breach reportedly did not include personally identifiable…

0 Comments

Speaking at GTBA 2025: Ransomware Threats in Telecom and Broadband

We're pleased to share that Patrick Kelley, CEO of Critical Path Security and Léargas Security, will be speaking at the 2025 GTBA Annual Meeting of the Membership, hosted by the Georgia Rural Telephone and Broadband Association. 📍 Location: Hammock Beach, Daytona Beach, FL 📅 Dates: June 15-19, 2025 🗣 Topic: Ransomware in Telecom and Broadband: Real-World Impact and Response Strategies Why This Talk Matters Rural telecommunications and broadband providers have become prime targets for ransomware groups seeking to exploit infrastructure gaps and critical service dependencies. As attackers refine their tactics-often hitting operations where recovery is slow and costly-preparedness is no longer optional. Patrick will dive into the latest ransomware attack trends, walk through recent case studies, and outline actionable steps for detection, response, and prevention tailored for rural ISPs and telcos. What Attendees Will Gain A clearer understanding of ransomware attack vectors in telecom infrastructure Guidance on securing legacy and…

0 Comments

Speaking at GridSecCon 2025: Mental Health in Cybersecurity and the Maslach Burnout Inventory

We're proud to announce that Patrick Kelley, CEO of Critical Path Security and Léargas Security, will be speaking once again at GridSecCon 2025. His breakout session, titled "Mental Health in Cybersecurity: Leveraging the Maslach Burnout Inventory," will take place on October 8, 2025, from 3:00 PM to 4:00 PM PT. Why This Talk Matters Cybersecurity is more than threat detection and response-it's a high-pressure profession where burnout, imposter syndrome, and emotional fatigue are common, yet rarely discussed. The stakes are high, the expectations relentless, and the human toll is real. In this session, Patrick will offer a brutally honest and personal look at the psychological cost of doing this work, the systemic flaws that exacerbate mental strain, and how the Maslach Burnout Inventory can be used as a tangible tool to assess and manage burnout. What Attendees Will Learn How to recognize the warning signs of burnout before they escalate…

0 Comments

Unsecured Database Exposes 184 Million Login Credentials: A Wake-Up Call for Cybersecurity

Discovery Highlights Common Data Handling Gaps In May 2025, cybersecurity researcher Jeremiah Fowler identified an unsecured ElasticSearch database that had been left publicly accessible. The dataset included over 184 million records, many containing usernames and plaintext passwords associated with popular platforms such as Apple, Google, Facebook, and Microsoft. While there is no confirmation that this data has been actively exploited, the discovery underscores the ongoing need to review how credentials are managed, stored, and potentially aggregated without oversight. What Was Found The database entries included an ID tag indicating the type of account, the associated URL, and plaintext credentials. The use of the Portuguese word "Senha" for "password" may point to the original source or intended users of the system. A small sample of 10,000 records showed the following: Facebook: 479 Google: 475 Instagram: 240 Roblox: 227 Discord: 209 Additional records from Microsoft, Netflix, PayPal, Apple, Amazon, and others A…

0 Comments