Data from nearly all of telecommunications giant AT&T’s customers was downloaded to a third-party platform in a security breach, the company said, as cyberattacks against businesses, schools and healthcare systems continue to spread globally.
The breach, which was announced by the company on Friday, largely occurred over five months in 2022. It targeted customers of AT&T mobile customers, mobile virtual network operator customers who use AT&T’s wireless network, as well as their landline customers who interacted with those. cell phone numbers.
Approximately 109 million customer accounts were affected, according to AT&T, which said it does not currently believe the data is publicly available.
“The data does not contain the content of calls or text messages, personal information such as Social Security numbers, dates of birth or other personally identifiable information,” AT&T said Friday.
The compromised data also does not include some information typically seen in usage details, such as the timestamp of calls or texts, the company said, or customer names. AT&T, however, said there are often ways to use publicly available online tools to find the name associated with a specific phone number.
Cybersecurity experts agreed, saying this data could be used to track users.
“Although the exposed information does not directly contain sensitive information, it can be used to gather information about events and who may be calling whom. This could impact people’s private lives as private calls and connections could be exposed,” said Thomas Richards, principal consultant at Synopsys Software Integrity Group, in an emailed statement. “Business phone numbers will be easy to identify and private numbers will be able to be matched to names in public records searches.”
An internal investigation determined that the compromised data included AT&T call and text message logs between May 1, 2022 and October 31, 2022.
AT&T identified the third-party platform as Snowflake and said the incident was limited to an AT&T workspace on that company’s cloud platform and did not affect its network.
Increasing risks
Cybersecurity experts say the sheer volume of data held by companies on cloud platforms can create its own dangers.
“The AT&T data breach highlights the growing risks associated with the vast amounts of data that companies now store on cloud and SaaS platforms,” said Roei Sherman, director of field technology at Mitiga, a threat detection and investigation company. focusing on cloud technology. “As organizations increasingly rely on these technologies, the complexity of detecting and investigating breaches has increased markedly.”
AT&T’s investigation continues and it has hired cybersecurity experts to understand the nature and scope of the criminal breach. At least one person has been arrested so far, according to the company.
The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the phone numbers that an AT&T cell number or MVNO interacted with during these periods. For a subset of records, one or more cell station identification numbers associated with the interactions are also included.
The FBI said it worked collaboratively with AT&T and the Department of Justice “during the first and second backlog while also sharing important threat information to bolster the FBI’s investigative actions and to assist its response work to AT&T incidents.”
The Justice Department said Friday that it became aware of the breach earlier this year but that it met the security standard for a delayed filing by AT&T with the U.S. Securities and Exchange Commission, a filing that was made public Friday. -fair.
The Justice Department said earlier disclosure of the breach “would pose a substantial risk to national and public security.”
The Federal Communications Commission is also investigating the breach.
The year has already been marked by several major data breaches, including a previous attack on AT&T in March. One dataset found on the “dark web” contained information such as Social Security numbers for about 7.6 million current AT&T account holders and 65.4 million former account holders. .
Some car dealerships are still using pens and paper to close deals after back-to-back cyberattacks last month against a company that provides them with software. That company, CDK Global, is still trying to reestablish normal operations.
Alabama’s superintendent of education said earlier this month that some data was “breached” during a hacking attempt at the Alabama State Department of Education.
Cybersecurity experts warn that hospital systems across the country that have already been targeted are at risk of more attacks and that the U.S. government is doing too little to prevent breaches.
This story originally appeared on Aljazeera.com read the full story
