Users of AT&T's email service have been having their accounts broken in to by hackers who have been targeting cryptocurrency exchange accounts and stealing funds from their wallets.
It's been reported that a group of cyber criminals have been utilising a way of gaining access to email accounts across the AT&T network, including att.net, sbcglobal.net and more. They reportedly have access to a part of AT&T's internal network allowing them to make mail keys for any user, which allows users to log in via email clients such as Outlook.
Once the bad actors have these keys they can then log in to email accounts without needing the password for the account, then they have the ability to start resetting passwords for a variety of services, specifically, crypto exchanges.
AT&T spokesperson Jim Kimberley had the following to say, confirming that the company has taken action to correct the issue:
“We have updated our security controls to prevent this activity. As a precaution, we also proactively required a password reset on some email accounts."