In a year that stands out for cybersecurity challenges, another massive data breach has come to light as AT&T acknowledged that the call and text records of 109 million wireless customers had been stolen from third-party provider Snowflake’s cloud.

The records include all numbers that AT&T clients communicated with via text or phone, as well as cell site locations. These communications spanned a more than six-month period in 2022 and one day in January 2023.

In a Securities and Exchange Commission (SEC) filing this month, AT&T disclosed that an internal investigation discovered the theft in April. At the Department of Justice’s request, AT&T delayed a public disclosure so the agency could investigate. At least one person, a US citizen, was arrested in Turkey. The Federal Communications Commission is also probing the breach.

Wired magazine reported that AT&T paid a hacking group $370,000 in cryptocurrency to delete the records. While the bad actors provided a video showing the data deletion, there is no way to prove that the cyber criminals don’t have other copies of the records.

Severity of AT&T data breach

The theft involves call and text records of almost all of AT&T’s cellular clients as well as customers of mobile virtual network operators (MVNOs) including Cricket and Boost. While the data doesn’t include personally identifying information such as names or social security numbers, the scale and the inclusion of communicating phone numbers and location data present a damning picture of the severity of this breach.

Security and intelligence experts are sounding the alarm on how valuable this information would be to many bad actors and espionage agencies. Individual customers’ identities, which can be found in public records, can be linked to the phone numbers contained in the metadata. Adding the cell sites provides the kind of information that intelligence agencies and other entities seek in order to map individuals’ communications and locations.

This metadata can be used for several different applications, including discerning the connection between phone numbers through network mapping; geo-fencing analysis for targeted advertising; behavioural pattern recognition, to establish travel patterns; fraud; and cold case resolution. Intelligence agencies around the world have tapped into these types of records for surveillance purposes.

Big questions loom

This is not AT&T’s first major security incident this year. In March, AT&T disclosed that the passwords of 7.6 million customers were stolen. That theft occurred in 2019. AT&T never clarified why it took so long to notify its customers of that breach.

Big questions loom about the lack of security protections for such high-value and high-volume data. Why did it take so long for AT&T to identify that breach? What actions is the company taking to ensure that customer data is protected in the future?

“AT&T in the crosshairs after a massive breach of customer data” was originally created and published by Verdict, a GlobalData owned brand.



Source: finance.yahoo.com