AT&T is the largest cellphone carrier in the United States, Statista reports, with more than 200 million accounts.
The company said in a statement this morning:
In April, AT&T learned that customer data was illegally downloaded from our workspace on a third-party cloud platform. We launched an investigation and engaged leading cybersecurity experts to understand the nature and scope of the criminal activity. We have taken steps to close off the illegal access point. We are working with law enforcement in its efforts to arrest those involved in the incident. We understand that at least one person has been apprehended.
Based on our investigation, the compromised data includes files containing AT&T records of calls and texts of nearly all of AT&T’s cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network, as well as AT&T’s landline customers who interacted with those cellular numbers between May 1, 2022 – October 31, 2022. The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included.
The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. It also does not include some typical information you see in your usage details, such as the time stamp of calls or texts. While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.
At this time, we do not believe that the data is publicly available.
Our top priority, as always, is our customers. We will provide notice to current and former customers whose information was involved along with resources to help protect their information. We sincerely regret this incident occurred and remain committed to protecting the information in our care. Customers can visit att.com/DataIncident for more information.
The official security filing can be read here.
Thomas Richards, principal consultant at Synopsys Software Integrity Group, said in a statement to the Associated Press:
While the information that was exposed doesn’t directly have sensitive information, it can be used to piece together events and who may be calling who. This could impact people’s private lives as private calls and connections could be exposed. The business phone numbers will be easy to identify and private numbers can be matched to names with public record searches.
‘AT&T identified the third-party platform as Snowflake and said that the incident was limited to an AT&T workspace on the cloud company’s platform and did not impact its network,’ the AP added.
Snowflake denies that their security has been breached. The Washington Post reported:
Snowflake has come under heavy criticism from security experts for denying all responsibility for previous data breaches and being slow to aid customers. It told The Washington Post on Friday that it was still working on a process that would allow customers to require two-factor authentication.
Previous Snowflake customer data dumps have been offered for sale in online criminal forums. In an earlier report, one of the security companies hired by Snowflake, Google Cloud’s Mandiant unit, said the hackers had used login credentials initially obtained by what are called infostealers — specialized malware that spirits away sensitive data from corporate or personal devices that have been compromised through other means.
Snowflake, in a statement from company Chief Information Officer Brad Jones, said it hasn’t seen any evidence suggesting a breach of its platform. The company has provided updates on its blog about a “targeted threat campaign” against some of its customers, although it wasn’t immediately clear whether that campaign is connected to the AT&T incident.
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” Jones said, adding that this was confirmed by Mandiant and CrowdStrike.
AUTHOR COMMENTARY
As outrageous as this news is – assuming this “hack” was legitimate – know and understand that these telecommunications companies have been selling your data for a pretty penny for a long time now and have barely even gotten a slap on the wrist. The WP documented this in May when analyzing the nothingburger fines the Federal Communications Commission (FCC) imposed on AT&T, Verizon, T-Mobile and Sprint (now just T-Mobile) for selling our private information; and some members at the FCC even contemplated not imposing any fines.
The point is, your data and mine was already being “hacked” well before this recent admission. But the public does not understand this whatsoever, so this headline is surely going to make people angry.
To me, this event and many others similar to it, will be used as yet another excuse to justify enforcing digital IDs on the public, as an excuse to prove one’s identity; and by extension introduce the CBDCs and tokenization, under the guise of needing all assets, transactions, and interactions listed in a digital ledger. Problem. Reaction. Solution. Of course, this will not solve the problem and prevent hacking and data leaks, but it will surely be sold to the masses as an optimal solution…
“To me, this event and many others similar to it, will be used as yet another excuse to justify enforcing digital IDs on the public, as an excuse to prove one’s identity; and by extension introduce the CBDCs and tokenization, under the guise of needing all assets, transactions, and interactions listed in a digital ledger. Problem. Reaction. Solution.” <—–CORRECT
Naahhhh, there was no hack. They just sold it ALL at one time for MEGABUCKS so they call it a hack to get them off the hook. Can’t tell you how many times my business network survived hacks from all over the world, mostly China. If I can prevent hacks, and I won’t tell you how, don’t tell me AT&T can’t do what I do and a lot more. Total BS. Wonder how many billions they raked in on this deal?
And just to think when they first launched they promised the MOST HIGHEST SECURITY for all customers…. Oh my how they have fallen far from their words.
The LORD is judging these corporate thieves for all their years indulging in sinful activities including playing God.