Hackers Put the A-T-T in Attack with Some Inside Assistance

By Hodgson Consulting & Solutions | August 9, 2019

Breach Alert:

According to ZDNet (, 2019) “AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware on the company's network”. This was confirmed by the Department of Justice on Monday, August 5, 2019. As reported by zdnet, The Department of Justice has an open case against Muhammad Fahd, for heading the scheme, and Ghulam Jiwani, who was the co-conspirator and is now believed to be deceased. Fahd and Jiwani were charged by the Department of Justice with “paying more than $1 million in bribes to several AT&T employees at the company's Mobility Customer Care call center in Bothell, Washington.” (, 2019)

One of the most alarming facts uncovered by the DOJ was the timeline of the crime! According to the reports “the bribery scheme lasted from at least April 2012 until September 2017. And initially, the two Pakistani men bribed AT&T employees to unlock expensive iPhones so they could be used outside AT&T's network.” (, 2019) The tactics of the scam evolved in 2013, due to AT&T employees either leaving or getting fired. According to reports, “that’s when Fahd changed tactics and bribed AT&T employees to install malware on AT&T's network at the Bothell call center. Between April and October 2013, this initial malware collected data on how AT&T infrastructure worked.” (, 2019) The DOJ reports stated that:

“In November 2014, as Fahd began having problems controlling this malware, [and that] he also bribed AT&T employees to install rogue wireless access points inside AT&T's Bothell call center. These devices helped Fahd with gaining access to AT&T internal apps and network, and continue the rogue phone unlocking scheme.”

The Department of Justice also reported that “one AT&T employee received more than $428,500 in bribes over a five year period.” (, 2019)

The DOJ stepped in and opened its investigation only after AT&T filed a lawsuit against three of its employees in 2015. In summary, “AT&T estimated it lost revenue of more than $5 million/year from Fahd's phone unlocking scheme”, yet thankfully the company stated that “this incident did not involve access to customers' personal data.” (, 2019)

While AT&T was able to attest that no user data had been leaked, the same could not be said for the popular social commerce marketplace, Poshmark. According to the company and NBCDFW (, 2019), “an unauthorized third party acquired user data” through a data breach. Poshmark said “that profile data from some of their users was obtained by an unauthorized third party”, but “the jeopardized data does not include financial or physical address information, according to the company.” (, 2019) Poshmark placed protections in place that would make it difficult for the hackers to use the obtained information to directly access user profiles and accounts. However, research has shown that when retailers experiences breaches such as these, eventually the customers’ data can be found circulating and being sold on the dark web.

How it Could Affect You:

These days, consumers rely on big name services and resources such as AT&T and Poshmark. When people feel that their information is not being secured by “big name companies”, it quickly creates distrust for them with all companies. No one wants to feel vulnerable or like a target. Therefore, being able to reassure your clients upfront that you protect the information they entrust to you automatically sets your business apart from competing companies of all sizes. Consider these takeaways:

  1. When platforms as large as AT&T and other companies being hacked, customers begin to question any account that they have previously shared personal data with. You will want to have solutions in place that reassure your customers when they come with questions.
  2. The Dark Web is a dangerous and ever-growing space. If your company/customer’s data is leaked there, it can be sold over and over again for an undetermined amount of time.
  3. It is much easier to establish trust than it is to repair it! Learning from the mistakes of these companies can save your business in the future, no matter what industry you specialize in.

While most will argue that they would not participate in the kind of scheme the AT&T employees above participated in, you need certainty that those with legitimate access to your networks cannot participate in those schemes either. Beyond collaborative schemes, the reality is that none of us are immune to phishing attacks. These attacks target the most unsuspecting people, which is why being able to recognize them is so important. Phishing attacks are used by hackers to first gain access to you and your employees, and these cyber-criminals then prey on your vulnerabilities. See some of the top-clicked phishing test here:


Hodgson Can Help:

Here at Hodgson Consulting & Solutions, we specialize in securing data and information loss prevention for companies with multiple locations and/or a remote workforce. Contact us to receive a FREE Cyber Security Risk Assessment and learn more about our Managed Security Service Plans.

Time is of the essence. Don’t allow hackers to snoop and sneak around your networks for five years before you discover their schemes! And don’t allow you or your employees to be hooked by phishing schemes. Contact us today!


Claim Your FREE
Cyber Security Risk Assessment

Click Here