The FBI and Philippine law enforcement officials arrested four people in the Philippines this week who were allegedly paid to hack into AT&T’s system, but the company said it was not breached.
The four, who were arrested Wednesday in Manila, were paid by the same Saudi Arabian-based terrorist group identified by the FBI as funding the 2008 attack on Mumbai, the Philippines’ Criminal Investigation and Detection Group (CIDG) said in a statement. The coordinated attacks in India’s largest city claimed 164 lives and wounded at least 308.
“The hacking activity resulted in almost $2 million in losses incurred by the company,” the CIDG said in a statement.
The suspects hacked the trunk-like PBX (private branch exchange) phone lines of different telecommunications companies, including AT&T, the CIDG said. Money stolen in the hacks was diverted to bank accounts belonging to the terrorists, who paid the Filipino hackers on commission, the group said.
An AT&T representative told Reuters that it “ended up writing off some fraudulent charges that appeared on customer bills” but did not comment on the $2 million figure.
“AT&T and its network were neither targeted nor breached by the hackers,” AT&T spokeswoman Jan Rasmussen said. “AT&T only assisted law enforcement in the investigation that led to the arrest of a group of hackers.”
The FBI requested the CIDG’s assistance in March after discovering the hacking group had targeted AT&T in the U.S., the CIDG said.
Earlier in the week, AT&T said it thwarted an attempt to steal mobile customer data and that no accounts were breached.