[EVEREST] – Ransomware Victim: AT&T Careers – Database Leaked

AI Generated Summary of the Ransomware Leak Page

On 2025-10-28 18:41:09.680819, a ransomware leak post identified as “AT&T Careers – Database Leaked” was published. The victim is named in the post as AT&T Careers – Database Leaked, a Telecommunication sector entity based in the United States. The post presents the incident as a data-leak event rather than encryption of systems, indicating that a database related to the victim’s careers operations has been breached and exfiltrated. No compromise date is provided in the available data, so the timestamp is treated as the post date. The leak page includes a claim URL, suggesting the attackers offer additional information or negotiations beyond the leak, but no ransom amount is stated in the provided metadata. The page contains two images; their exact contents are not described in the data. There are no other downloads or external links listed beyond the claim URL. The content has been translated into neutral English, with PII redacted where applicable beyond preserving the victim name.

The post notes two image assets accompanying the narrative, hosted on an onion-domain host, consistent with other ransomware leak sites that share media on dark web infrastructure. The images appear to function as visual content for the post, but the dataset does not describe their specific contents. There is no stated data size, file types, or explicit data categories, and there is no compromise date beyond the post date. No direct download link is indicated, and the records show no additional downloads or link counts beyond the claim URL. Overall, the leak post asserts a data-leak event against AT&T Careers – Database Leaked, accompanied by two visual assets and a claim URL, but without a disclosed ransom amount in the provided data.