Notebookcheck Logo

Massive AT&T security breach exposes large amounts of customer data

Google Mandiant confirmed the cyberattack made use of an info stealer (Image source: Generated with DALL-E)
Google Mandiant confirmed the cyberattack made use of an info stealer (Image source: Generated with DALL-E)
AT&T got hacked recently, following an event of a similar nature earlier in 2024. The latter was massive, with personal information of over 73 million customers getting leaked, and this latest data breach is even bigger with approximately 110 million clients affected.

The US-based telecom giant acknowledges hackers managed to retrieve text and call detail records (CDR) of almost all of their customers, insisting that other kinds of sensitive data such as the contents of said texts are safe. Customers of certain mobile virtual network operators (MVNOs) are affected by this, too.

The stolen chunk of AT&T's database mostly contains PSTN (Public Switched Telephone Network) numbers from 2022, specifically between May 1 and October 31.

Using the data, the perpetrators could easily concoct an interaction map of sorts, making note of who is close to whom to impersonate government institutions or banks with the ultimate goal of getting the person to divulge further valuable information, or just tracking his or her approximate location among other misuses.

... this data could be used by spies, scammers, and other bad actors to target specific people or to improve the feasibility of scams by impersonating the numbers of people you regularly call - Cooper Quintin, a technology expert of the Electronic Frontier Foundation.

Delayed public statements as US national security questioned

AT&T uncovered the breach in April, with the FBI apparently giving the company a green light to postpone making an official statement.

The cybercriminals made use of Snowflake Cloud

AT&T confirmed the data theft was made possible after an attack against one of their online workspaces, executed via Snowflake Cloud.

Google Cloud’s Mandiant unit that Snowflake asked for assistance found out the evil-doers utilized information stealer viruses. This cyberattack is normally used as a vector for a much larger and more intricate attacks.

Having performed an investigation, Snowflake said they never found an evidence of their own platform getting a security breach.

AT&T does not believe the situation will have any impact on the company's financial health. After all, the perpetrators failed to get access to recordings, the contents of texts, or IDs (such as names, social security numbers, dates of birth and so on).

AT&T customers can get additional information directly from AT&T.

A complete guide on how to remove your personal information from the internet can be found on the NordVPB blog, and you can also have a 40% discount on the full NordVPN cybersecurity software bundle on Amazon.com.

AT&T Headquarters (Image source: Matt Rourke/AP)
AT&T Headquarters (Image source: Matt Rourke/AP)
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2024 07 > Massive AT&T security breach exposes large amounts of customer data
Daniel Munteanu, 2024-07-16 (Update: 2024-07-16)