Massive AT&T Data Breach Under Investigation by FCC
The Federal Communications Commission (FCC) is investigating a significant breach of AT&T Inc.’s customer data. The incident, one of the largest breaches of telecommunications data in recent history, affected millions of customers. The compromised data includes call and text records for nearly all mobile-phone users on AT&T’s network during a six-month period in 2022, spanning from May 1 to October 31. Records from January 2, 2023, were also affected for a small number of customers.
The hack was discovered in April, when AT&T learned that the data had been illicitly downloaded from a third-party cloud platform identified as Snowflake Inc. According to AT&T, the breach did not expose call contents, personal information such as birth dates or Social Security numbers, or the timing of calls. However, the compromised records do identify the telephone numbers that AT&T or Mobile Virtual Network Operator (MVNO) cellular numbers interacted with, and those numbers could be linked to individuals through publicly available tools.
This incident represents a severe security setback for AT&T, a corporation valued at $134 billion that serves retail, business, and government clients, including U.S. military and emergency response networks. The breach could have dire consequences if the data is released, particularly for individuals who wish to keep their communications private, such as politicians, executives, activists, journalists, and their sources.
John Scott-Railton, a senior researcher at Citizen Lab, highlighted the gravity of the breach, stating it gives an unknown entity an extensive view into American lives and poses a significant national security risk given the involvement of government customers. An FBI statement revealed that AT&T and the agency decided to delay the breach's disclosure due to potential national security and public safety concerns.
This recent breach is not connected to a prior leak reported in April, where personal data from about 73 million AT&T customers was found on the dark web. That data appeared to be from 2019 or earlier. In the current breach, AT&T has not observed the stolen information being released publicly and has taken steps to close the access point. Law enforcement is involved, and at least one individual has been apprehended, according to AT&T.
Snowflake's Statement on the Hack
Snowflake disclosed that hackers targeted its customers, using stolen login details to access the accounts of as many as 165 Snowflake customers, including several prominent companies. The intruders exploited credentials available in cybercriminal forums to access accounts lacking multifactor authentication. Snowflake’s Chief Information Security Officer, Brad Jones, stated that there was no evidence suggesting the activity was caused by a vulnerability or breach of Snowflake’s platform.
AT&T and the FCC continue to address the fallout from this breach, emphasizing the importance of robust cybersecurity measures to prevent future incidents.