AT&T has disclosed that a massive data breach exposed phone number and text message data for approximately 110 million people, nearly all of its customer base. AT&T said it delayed disclosing the incident in response to “national security and public safety issues,” noting that some of the data included information that could be used to determine where a call was made or a text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).
AT&T said today that cyber intruders accessed an AT&T workspace on a third-party cloud platform in April, downloading data containing customer call and text interactions between May 1 and October 31, 2022, as well as on January 2, 2023.
The company said the stolen data includes records of calls and texts for mobile providers that resell AT&T’s service, but that it does not include the content of calls or texts, Social Security numbers, dates of birth, or any other personally identifiable information.
Despite the company’s statement, a portion of the stolen data reportedly revealed sensitive information about the cell towers nearest to subscribers, potentially enabling hackers to estimate the location of the device that sent or received the text messages or phone calls.
“While the data doesn’t include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” AT&T allowed.
AT&T said it learned of the breach on April 19, but delayed disclosing it at the request of federal investigators. According to the company’s publicly filed SEC disclosure, at least one individual has been taken into custody by law enforcement in connection with the breach.
In a written statement shared with KrebsOnSecurity, the FBI confirmed that it asked AT&T to delay notifying affected customers.
“Shortly after identifying a potential breach to customer data and before making its materiality determination, AT&T contacted the FBI to report the incident,” the FBI statement reads. “When evaluating the nature of the violation, consideration must be given to the sequence of events preceding any potential delay in publicly disclosing information under SEC Rule 1.05(c), subsection (c), with specific focus on possible threats to national security and/or public safety. AT&T, FBI, and DOJ worked collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T’s incident response work.”
An AT&T spokesperson was quoted as saying the customer data was stolen as a result of a still-unfolding data breach involving more than 160 customers of the cloud data provider Snowflake.
In December, it was discovered that numerous major organizations had inadvertently exposed massive amounts of sensitive customer data stored on Snowflake servers, with those Snowflake accounts protected by nothing more than usernames and passwords.
In the last month, hackers behind the Snowflake data breaches acquired stolen Snowflake login credentials from underground marketplaces that sell access to compromised usernames, passwords, and authentication tokens obtained through information-stealing malware. Snowflake has announced that it will mandate multi-factor authentication for all new customers from this point forward.
Numerous companies whose vast customer databases were compromised after a breach of Snowflake’s servers are now scrambling to mitigate the fallout.
Earlier this year, AT&T after the company involving roughly 7.6 million current AT&T account holders and roughly 65.4 million former account holders.
Burnett serves as an application security architect, guiding and creating solutions. Burnett said the only real use for the data stolen in the latest AT&T breach is to know who is contacting whom and how many times.
“The most concerning thing to me about this AT&T breach of ALL customer call and text records is that this isn’t one of their essential databases; it’s metadata on who’s contacting who,” Burnett wrote on Mastodon. That seems to imply that someone has deliberately omitted timestamped records from a database.
Why do numerous major companies continue to accept the unacceptable risk of storing highly sensitive customer data with minimal security safeguards in place? According to Advance Auto Parts, an investigation revealed that sensitive data, including full names, Social Security numbers, driver’s licenses, and government-issued identification numbers, were compromised for both former employees and job applicants.
The lack of accountability stems primarily from the absence of effective deterrents, with class-action lawsuits often being the sole consequence of such lapses in security protocols. AT&T told the SEC it does not believe this incident is likely to materially impact AT&T’s financial condition or results of operations. AT&T reported revenues of more than $30 billion in its most recent quarter.