Security News > 2024 > July > Hackers stole call, text records of “nearly all” of AT&T’s cellular customers
Hackers leveraging stolen Snowflake account credentials have stolen records of calls and texts made by "Nearly all" of AT&T's cellular customers from May to October 2022, the company has confirmed.
"Based on our investigation, the compromised data includes files containing AT&T records of calls and texts of nearly all of AT&T's cellular customers, customers of mobile virtual network operators using AT&T's wireless network, as well as AT&T's landline customers who interacted with those cellular numbers between May 1, 2022 - October 31, 2022," AT&T detailed.
"The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included."
This breach is not related to the one from April, when data of tens of million customers past and present AT&T customers was leaked.
While the onus of properly securing Snowflake accounts is on the company's customers, this incident has made the company realize that pushing customers to implement security measures and making it easier to implement them is crucial to minimizing the possibility of similar breaches in the future.
Snowflake did not catch too much flack for these breaches, as it was obvious that part of the fault rested with the customers themselves.
News URL
https://www.helpnetsecurity.com/2024/07/12/att-stolen-records/