Massive AT&T security breach exposes large amounts of customer data
The US-based telecom giant acknowledges hackers managed to retrieve text and call detail records (CDR) of almost all of their customers, insisting that other kinds of sensitive data such as the contents of said texts are safe. Customers of certain mobile virtual network operators (MVNOs) are affected by this, too.
The stolen chunk of AT&T's database mostly contains PSTN (Public Switched Telephone Network) numbers from 2022, specifically between May 1 and October 31.
Using the data, the perpetrators could easily concoct an interaction map of sorts, making note of who is close to whom to impersonate government institutions or banks with the ultimate goal of getting the person to divulge further valuable information, or just tracking his or her approximate location among other misuses.
... this data could be used by spies, scammers, and other bad actors to target specific people or to improve the feasibility of scams by impersonating the numbers of people you regularly call - Cooper Quintin, a technology expert of the Electronic Frontier Foundation.
Delayed public statements as US national security questioned
AT&T uncovered the breach in April, with the FBI apparently giving the company a green light to postpone making an official statement.
The cybercriminals made use of Snowflake Cloud
AT&T confirmed the data theft was made possible after an attack against one of their online workspaces, executed via Snowflake Cloud.
Google Cloud’s Mandiant unit that Snowflake asked for assistance found out the evil-doers utilized information stealer viruses. This cyberattack is normally used as a vector for a much larger and more intricate attacks.
Having performed an investigation, Snowflake said they never found an evidence of their own platform getting a security breach.
AT&T does not believe the situation will have any impact on the company's financial health. After all, the perpetrators failed to get access to recordings, the contents of texts, or IDs (such as names, social security numbers, dates of birth and so on).
AT&T customers can get additional information directly from AT&T.
A complete guide on how to remove your personal information from the internet can be found on the NordVPB blog, and you can also have a 40% discount on the full NordVPN cybersecurity software bundle on Amazon.com.