US telecommunications giant AT&T is reeling after its customers' phone records were hacked by cybercriminals in one of the largest data breaches never reported
Snow flake $SNOW and AT&T $T today they download from this Bloomberg story this morning:
AT&T Says New Hack Includes Customer Text and Call Logs – Bloomberg pic.twitter.com/08ombXCsEV
— Evan (@StockMKTNewz) July 12, 2024
The company confirmed that the breach allowed hackers to steal the phone records of “almost every AT&T customer.” AT&T released a web site to provide more information to its customers about the incident and also disclosed the data breach in a filing with regulators.
Go ad-free with Premium, try it for $1
It said the breach occurred between May 1, 2022, and October 31, 2022, and then more data was stolen starting Jan. 2, 2023. In February 2023, AT&T had breach detected.
AT&T spokeswoman Andrea Huguely confirmed in a statement TechCrunch that data was extracted from cloud provider Snowflake during a recent wave of hacking incidents targeting Snowflake customers.
It's unclear why AT&T customer data was stored on Snowflake, and the spokesperson declined to provide further details.
Snowflake blamed the data breaches on its customers for not using multi-factor authentication to protect their accounts despite being offered the service, and customers are calling them out for their negligence.
This isn't the first time AT&T customer data has been compromised. Before this yearAT&T was embroiled in another data breach that resulted in the company resetting the account passwords of millions of its customers, after a cache of customer account information, including encrypted passwords, was released to access accounts, in a cybercrime forum.
A security researcher then confirmed that the encryption could be easily cracked, prompting AT&T to take quicker steps this time around to protect customers' accounts.
AT&T said at the time: “The security of customer information is a priority for us, and we took immediate steps to safeguard our customers' accounts as soon as we became aware of this issue.”
You can read AT&T full release low:
Illegal access to customer data
Find out what we've learned, how we're responding and how we're working to protect your personal data.What happened
We learned that AT&T customer data was illegally downloaded from our workspace to a third-party cloud platform. We launched an investigation and engaged leading cybersecurity experts to help us determine the nature and extent of the problem. We have confirmed that the access point is secured.Our investigation found that the downloaded data included call and text logs from nearly all AT&T mobile customers from May 1, 2022, to October 31, 2022, as well as Jan. 2 of 2023. These records identify phone numbers other than AT&T Wireless. number interacted with during that time, including AT&T landline (home phone) customers. For a subset of records, one or more cell site identification numbers associated with the interactions are also included.
At this time, we do not believe the data is publicly available. We continue to work with law enforcement in their efforts to arrest those involved. Based on the information we have, we understand that at least one person has been arrested.
Data involved
Call and text logs identify the phone numbers that an AT&T number interacted with during that period, including AT&T landline (home phone) customers. It also included the count of those calls or texts and the total call duration for specific days or months.We will notify current and former customers if their information was involved.
Data that is not involved
The downloaded data does not include the content of any calls or text messages. It doesn't have time stamps for calls or texts. It also does not contain any details such as Social Security numbers, dates of birth or other personally identifiable information.Although the data does not include customer names, there are often ways to find a name associated with a phone number using publicly available online tools.
what we are doing
Protecting your data is one of our top priorities. We have confirmed that the affected access point is secured.We hold ourselves to a high standard and are committed to providing the experience you deserve. We constantly evaluate and improve our security to address changing cybersecurity threats and work to create a secure environment for you. We invest in the security of our network using a wide range of resources including people, capital and innovative technological advances.