Ransomware victim disclosure
← All victimsAT&T
listed as AT&T Careers · Claimed by Everest · listed 9 months ago
Status timeline
- ListedOct 22, 2025
- Data leakeddate unknown
At a glance
- Group
- Everest
- Status
- Data leaked
- Country
- United States
- Sector
- Telecommunication
- Listed on leak site
- Oct 22, 2025
About the victim
AI dossier — public-source company profileAT&T Inc. is one of the largest telecommunications companies in the United States, providing wireless, broadband, and entertainment services to millions of consumers and businesses. The 'AT&T Careers' designation suggests the targeted system or portal relates to AT&T's human resources or recruitment infrastructure. AT&T operates globally and is headquartered in Dallas, Texas.
- Industry
- Telecommunications
- Address
- 208 S. Akard St, Dallas, TX 75202, United States
- Employees
- 150000+
- Founded
- 1983
Attack summary
Severity: high — AT&T is a major US telecommunications carrier; a breach of careers/HR systems likely involves PII (applicant names, SSNs, contact details) at scale. The disclosed status is 'data_published', indicating confirmed exfiltration and public release, elevating severity. Full critical rating is withheld due to minimal post detail and no confirmed regulated data (e.g., medical or financial records) explicitly stated.The Everest ransomware group claims a data publication (disclosed status: data_published) against AT&T's careers infrastructure, suggesting exfiltration of data from HR or recruitment systems; however, the leak post itself is largely uninformative and provides no explicit detail on the volume or nature of data stolen.
Data the group says was taken
AI dossier — extracted from the leak post- Employee or applicant personally identifiable information (PII)
- Recruitment records
- HR system data
Original description
AI-summarised, not from the leak postAT&T Careers is the employment division of AT&T, an American multinational conglomeric communications company. It offers opportunities in various fields including technology, sales, marketing, customer service, cybersecurity. The company seeks individuals interested in the tech industry with drive for innovation. Roles include internships, entry-level, management, and more experienced positions. It provides competitive benefits and a diverse, inclusive workplace.
The leak post
captured from the group's site© 2026, All rights reserved Citizens Bank - Database Leaked Evaluate a Norstella company - Database Leaked Studio Marchi - Studio Professionale Associato - Database Leaked Super AI - Database Leaked Complete Aircraft Group - Database Leaked Umiles Group - Database Leaked K Subsea Group - Database Leaked Parque Eólico Toabré - Database Leaked PT Brantas Abipraya - Database Leaked Straight Line Logistics - Database Leaked First Priority Group - Database Leaked Hyundai Elevator - Database Leaked UD Trucks - Database Leaked McDonalds India - Database Leaked Tsunami Tsolutions - Database Leaked Atlas Air: MUSE INSECURE - Database Leaked Iron Mountain - Database Leaked Hosowaka Micron Group - Database Leaked Shinwa Co Ltd - Database Leaked SIGMA Processing Group - Database Leaked Acu Trans Solutions LLC - Database Leaked GIBSIN Engineers - Database Leaked ASRock Rack - Database Leaked Reeves Information Technology - Database Leaked WANCHI STEEL INDUSTRIAL - Database Leaked GC Accounting - Database Leaked National Money Mart Company - Database leaked Virginia Records - Database Leaked Morgan Records Management - Database leaked ELC Electroconsult SpA - Databas…
Sources
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

