AT&T has confirmed a significant data breach affecting nearly all its customers. Cybercriminals managed to steal phone records, including phone numbers and records of calls and texts, but not the content of the communications. The data spans from May 1, 2022, to October 31, 2022, with some more recent records from January 2023.
AT&T Data Leak- Scope and Impact
- Affected Data: Phone numbers, call records, and text message records (excluding content).
- Metadata Included: Information such as who contacted who, the number of calls and texts, call durations, and cell site identification numbers (approximate location data).
- Affected Customers: Approximately 110 million AT&T customers, including those using other carriers relying on AT&T’s network.
Details and Response
- Discovery: AT&T learned of the breach on April 19.
- Linked to Snowflake: The breach was traced back to data thefts from Snowflake, a cloud data giant. The theft affected multiple companies, including AT&T, Ticketmaster, and QuoteWizard.
- Security Measures: The breach has been linked to insufficient use of multi-factor authentication by Snowflake’s customers.
- Criminal Investigation: AT&T is collaborating with law enforcement, including the FBI and DOJ. One person has been apprehended, although they were not an AT&T employee.
Actions Taken
- Customer Notification: AT&T is notifying around 110 million customers about the breach.
- Information Website: AT&T has set up a website to provide information to affected customers.
- Regulatory Filing: The breach was disclosed in a filing with regulators.
- Law Enforcement Collaboration: The FBI and DOJ delayed public notification to mitigate potential national security and public safety risks.
Conclusion
AT&T’s data breach underscores the vulnerabilities in cloud storage and the importance of robust security measures. Customers are advised to stay informed through AT&T’s communication channels and take necessary precautions to protect their personal information.