AT&T says that hackers stole call and text data from nearly all of their customers
Protecting Privacy and Identity in the Snowflake Cloud: The AT&T Data Breech attracted by a Million-Scale Threat
This year, more than one company has reported a major data breech impacting millions of people.
The US Justice Department said a delay in providing public disclosure was justified until now, but the company wrote that it first learned of the incident in April.
The records identify other telephone numbers with which affected customers interacted, including AT&T landline numbers, as well as counts of those calls and texts and the total call durations for specific days or months.
The data does not include customer names, so public online tools can be used to locate the name associated with a specific telephone number.
In the event of an impact, the company will inform users via text, email, and U.S. mail and have a website to check to see if their information was involved.
It offers some evergreen advice for those who are worried about potential online fraud, including not replying to a text from an unknown sender, and making sure websites are secure by looking for the’s’ in the address.
If customers see suspicious text activity on their account, they should forward it to AT&T and let the team know.
In March, it said it had reset the passwords of almost 7 million users after discovering a trove of personal information on 70 million account holders on the dark web.
The incident is significant not only because of its sheer scale and reach but because AT&T says it is the latest in a staggering spate of data thefts that resulted from attackers compromising organizations’ Snowflake cloud accounts. In the last year, attackers have obtained customers’ account credentials from Snowflake, and have been stealing hundreds of millions of records from many of the platform’s clients.
Jake Williams, vice president of research and development at Hunter Strategy, says this is really bad. The threat actors stole was essentially call data records. These are useful for intelligence analysis because someone can understand who is talking and when. Data from previous compromises can be used to map phone numbers to identities. But even without identifying data for a phone number, closed networks—where numbers only communicate with others in the same network—are almost always interesting.”