On Friday, AT&T, a major telecom company, revealed that it had experienced a data breach that affected the call and text messaging records of nearly all of its customers. The breach was discovered on April 19, with data being taken between April 14 and April 25. The US Justice Department authorized AT&T to delay disclosing the breach for investigation purposes, with one suspect already apprehended.
Jake Williams, a cybersecurity expert, explained that call data records are highly valuable for intelligence purposes as they reveal information about networks and communication patterns. The stolen data includes phone numbers, metadata about calls and texts, and cell site identification numbers. While the breach doesn’t include the content of communications or personal information like Social Security numbers, it still poses a significant threat to privacy and security.
The stolen data covers both landline and cellular accounts from May 1, 2022, to October 31, 2022, with a smaller number of records from January 2, 2023. This breach is part of a larger trend where attackers have been compromising organizations’ Snowflake cloud accounts to steal vast amounts of data. Snowflake is a data warehousing platform, and the stolen data could be used for phishing attacks and other scams targeting individuals.
Mandiant, a cybersecurity firm, identified financially motivated criminal hackers behind the Snowflake account intrusions and highlighted the importance of implementing multifactor authentication to prevent unauthorized access. The US Cybersecurity and Infrastructure Security Agency issued an alert regarding the breach, warning of potential threats posed by the stolen data.
While AT&T believes the stolen data is not publicly available, hackers have been attempting to sell or ransom the data on cybercrime forums. Companies impacted by the Snowflake breaches have been targeted by hackers demanding payments to prevent the release of stolen data. This incident underscores the need for robust cybersecurity measures and highlights the risks associated with data breaches in the digital age.
