Millions of AT&T customer phone numbers, call and text records, and location-based info were stolen.
A spokesman for AT&T told on Friday that the company will start telling millions of customers about a new data breach that let hackers steal the phone records of “nearly all” of its customers.
The company said in a statement that the stolen information includes the phone numbers of both cell phone and landline users, as well as AT&T records of calls and text messages from May 1, 2022, to October 31, 2022. This information includes things like who called or texted whom.
AT&T said that some of the stolen information includes more current records from January 2, 2023, for a smaller number of customers that they did not name.
The company said that the stolen information also includes call logs of people whose cell phone service comes from other companies that use AT&T’s network.
AT&T said that the stolen data “does not contain the content of calls or texts.” However, it does contain records of calls and texts that an AT&T phone number made and received over the course of six months, as well as the total number of calls and texts made by a customer and the length of each call. This type of data is often called metadata. AT&T said that the hackers didn’t get the times or dates of calls or texts.
Cell site identification codes for phone calls and text messages are among the stolen records. This information can be used to get a rough idea of where a call or text message was made or sent.
A representative for the phone company told TechCrunch that they will tell about 110 million AT&T users about the data breach.
AT&T put details about the data breach on its website for customers. AT&T also told regulators about the breach in a document they sent out before the market started on Friday.
Breach Connected To Snowflake
AT&T said it found out about the data breach on April 19 and that it had nothing to do with the security event in March.
AT&T’s Huguely told TechCrunch that the most recent breach of customer records came from Snowflake, a big name in cloud data storage. The records were stolen from Snowflake’s customers during a recent wave of thefts.
Tech companies and telcos are examples of business customers that can use Snowflake to look at huge amounts of customer data in the cloud. Someone from AT&T wouldn’t say why the company was storing customer info in Snowflake, so it’s not clear.
AT&T is the third company in the past few weeks to say that data from Snowflake was stolen. Ticketmaster, a LendingTree subsidiary called QuoteWizard, and others have already said the same thing.
Customers of Snowflake were blamed for the data breaches because they didn’t use multi-factor authentication to protect their Snowflake accounts. This was a security tool that Snowflake did not require or enforce its customers to use.
Cybersecurity incident response firm Mandiant was hired by Snowflake to help them tell customers. Later, the company said that “significant volumes of data” were stolen from the accounts of about 165 Snowflake customers.
Mandiant said the breach was caused by a cybercriminal group that had only been tracked as UNC5537. Researchers at Mandiant say that the hackers are after money and that there are members in North America and at least one person in Turkey.
Some of the other businesses whose Snowflake account information was stolen later had their information posted on well-known sites for cybercrime. When asked about the data, AT&T said that it doesn’t think it is available to the public right now.
In a statement, AT&T said it was working with police to catch the hackers who were responsible for the breach. AT&T said in a statement that “at least one person has been caught.” AT&T’s spokesperson said that the person who was arrested was not an AT&T employee and that questions about the accused criminals should be directed to the FBI. A spokesperson for the FBI did not quickly respond.
Also Read: Microsoft-Owned Ad Tech Company Xandr Is Being Accused Of EU Privacy Breaches
This is the second security breach that AT&T has told the public about this year. People with millions of AT&T accounts had to change their passwords after a cybercrime site posted a cache of customer account information that included encrypted passwords for AT&T customer accounts. At the time, a security researcher told TechCrunch that the encrypted passcodes were simple to decode. This made AT&T take extra steps to protect customer accounts.
What do you say about this story? Visit Parhlo World For more.
