I suggest, based on my experiences with data breaches over the years, that AT&T is about to have a very bad time of it. Class actions following data breaches have become all too common and I've written before about how much I despise them. The trouble for AT&T (in my non-legal but "hey, I'm the data breach guy" opinion), will be their denial of a breach in 2021 and the subsequent years in which tens of millions of social security numbers were floating around. As much as it's hard for the victim of identity theft to say "this happened because of that breach", it's also hard for the corporate victim of a breach to say that identity theft didn't happen because of their breach. Particularly in such a litigious part of the world, I wouldn't be at all surprised if the legal cost of this runs into the tens if not hundreds of millions of dollars. I doubt the plaintiffs will see much of this, but there's sure going to be some happy lawyers out there!
References
- Sponsored by: Kolide ensures only secure devices can access your cloud apps. It's Device Trust tailor-made for Okta. Book a demo today.
- AT&T have now confirmed their data breach (well, kind of: "AT&T data-specific fields were contained in a data set")
- The big telco is already getting hit with a bunch of class action law suits (that's at least 10 from one US state alone!)
- Pandabuy got breached (and very quickly tried to stop people talking about it!)
- Surveylama also got breached (that's another 4.4M email addresses now out there)
- Now that the new Prusa Mk4 is up and running, we're printing a modular hydroponic tower (the embedded video on that Printables page gives a great overview)