Senators Richard Blumenthal (D-Conn.) and Josh Hawley (R-Mo.) pressed AT&T and data cloud company Snowflake for answers this week following a breach that exposed nearly everyone’s call and text message logs. AT&T customers.
“We have written compelling information about the breach of private AT&T customer data and sought answers about how AT&T failed to protect such deeply sensitive information from cybercriminals,” the senators wrote in a letter to AT&T CEO John Stankey.
AT&T revealed on Friday that the records of most of its cellular customers between May and October 2022, as well as one day in January 2023, were illegally downloaded to a third-party cloud platform.
The data identifies phone numbers that AT&T customers have interacted with and, in some cases, cell site identification numbers. However, it does not include the content of calls or texts, timestamps, or any identifying information.
“Together, the stolen information could easily provide cybercriminals, spies and stalkers with a logbook of AT&T customers’ communications and activities over several months, including where those customers live and have traveled – a stunning and dangerous breach of their privacy and intrusion into their customers. in their personal lives,” the letter says.
The senators also wrote to Sridhar Ramaswamy, CEO of Snowflake, noting that the AT&T breach is the latest to affect the cloud company’s customers. Ticketmaster, Advance Auto Parts, and Santander Bank have recently suffered Snowflake-related breaches.
Blumenthal and Hawley pointed to several cybersecurity failures at the companies — including malware infections and failures to update passwords, implement firewall access and enable multi-factor authentication — that “apparently reflect gross negligence.”
“Disturbingly, the AT&T breach appears to have been easily preventable,” they wrote on Tuesday.
This story originally appeared on thehill.com read the full story
