July 13, 2024 at 02:33AM
AT&T confirms data breach affecting nearly all wireless customers and MVNOs, compromising call and text records containing interaction details and phone numbers. Threat actors may use stolen data for illicit purposes. AT&T vows to notify affected customers and is working with law enforcement. Third-party cloud provider compromised, linked to other breaches.
AT&T recently confirmed that threat actors accessed data from its wireless customers, as well as customers of mobile virtual network operators using AT&T’s wireless network, by unlawfully accessing an AT&T workspace on a third-party cloud platform. The accessed data includes customer call and text interactions, telephone numbers, and call duration. The breach also potentially exposed locations of customers at the time of interaction. AT&T is working to alert affected customers and has vowed to work with law enforcement to apprehend those responsible, with at least one arrest already made.
The breach is linked to other high-profile breaches impacting companies like Ticketmaster, Santander, Neiman Marcus, and LendingTree, with the third-party cloud provider later revealed to be Snowflake. The breach is associated with a financially motivated threat actor, and demands for payment have been made in return for the stolen data.
It’s important to note that the accessed information does not include personal information such as Social Security numbers or dates of birth, and AT&T is urging customers to be cautious of phishing, smishing, and online fraud. Additionally, Snowflake has taken steps to enhance security measures by enforcing mandatory multi-factor authentication for all users.
It’s a concerning situation, and we will continue to monitor developments and work to implement any necessary precautions to safeguard our interests and customers.