AT&T breach leaked call and text records from ‘nearly all’ wireless customers

Share via:


AT&T revealed Friday morning that a cybersecurity attack had exposed call records and texts from “nearly all” of the carrier’s cellular customers (including people on mobile virtual network operators, or MVNOs, that use AT&T’s network, like Cricket, Boost Mobile, and Consumer Cellular). The breach took place during the period between May 1st, 2022, and October 31st, 2022, in addition to an incident that impacted a “very small number” of customers on January 2nd, 2023.

AT&T spokesperson Alex Byers confirmed to The Verge the threat actor accessed the information through the company’s account on a third-party cloud platform, Snowflake, similar to data breaches that have affected Ticketmaster and Santander Bank. AT&T first learned of the breach in April, but as reported by TechCrunch, an FBI spokesperson confirmed “AT&T, the FBI and the Department of Justice agreed to delay notifying the public and customers on two occasions, citing ‘potential risks to national security and/or public safety.’”

The stolen data includes which phone numbers customers interacted with, and Byers tells The Verge that the breach also includes “counts of those calls/texts and total call durations for specific days or months.”

The downloaded data doesn’t include the content of any calls or texts. It doesn’t have the time stamps for the calls or texts. It also doesn’t have any details such as Social Security numbers, dates of birth, or other personally identifiable information.

While the data doesn’t include customer names, there are often ways to find a name associated with a phone number using publicly available online tools.

In a blog post, AT&T said “we do not believe that the data is publicly available” and that it has “taken steps to close off the illegal access point.” The company is working with law enforcement to “arrest those involved” and says one person has already been apprehended.

“We will provide notice to current and former customers whose information was involved along with resources to help protect their information,” AT&T writes. “We sincerely regret this incident occurred and remain committed to protecting the information in our care.”



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

AT&T breach leaked call and text records from ‘nearly all’ wireless customers


AT&T revealed Friday morning that a cybersecurity attack had exposed call records and texts from “nearly all” of the carrier’s cellular customers (including people on mobile virtual network operators, or MVNOs, that use AT&T’s network, like Cricket, Boost Mobile, and Consumer Cellular). The breach took place during the period between May 1st, 2022, and October 31st, 2022, in addition to an incident that impacted a “very small number” of customers on January 2nd, 2023.

AT&T spokesperson Alex Byers confirmed to The Verge the threat actor accessed the information through the company’s account on a third-party cloud platform, Snowflake, similar to data breaches that have affected Ticketmaster and Santander Bank. AT&T first learned of the breach in April, but as reported by TechCrunch, an FBI spokesperson confirmed “AT&T, the FBI and the Department of Justice agreed to delay notifying the public and customers on two occasions, citing ‘potential risks to national security and/or public safety.’”

The stolen data includes which phone numbers customers interacted with, and Byers tells The Verge that the breach also includes “counts of those calls/texts and total call durations for specific days or months.”

The downloaded data doesn’t include the content of any calls or texts. It doesn’t have the time stamps for the calls or texts. It also doesn’t have any details such as Social Security numbers, dates of birth, or other personally identifiable information.

While the data doesn’t include customer names, there are often ways to find a name associated with a phone number using publicly available online tools.

In a blog post, AT&T said “we do not believe that the data is publicly available” and that it has “taken steps to close off the illegal access point.” The company is working with law enforcement to “arrest those involved” and says one person has already been apprehended.

“We will provide notice to current and former customers whose information was involved along with resources to help protect their information,” AT&T writes. “We sincerely regret this incident occurred and remain committed to protecting the information in our care.”



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

Singapore, Hong Kong stand out among blockchain heavyweights

A composite index by ApeX Protocol ranked the...

Elon Musk’s xAI lands $6B in new cash to...

xAI, Elon Musk’s AI company, has raised $6...

SaaS Unicorn LeadSquared Posts INR 162 Cr Loss In...

SUMMARY LeadSquared reported a marginal 0.73% increase in its...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!