What you need to know
Hackers stole phone records of over 100 million AT&T customers from 2022, including phone numbers, call/text counts, durations, and cell site IDs. AT&T reported the breach to the SEC and is working with law enforcement, resulting in the arrest of a suspect. Mandiant attributed the breach to UNC5537, likely motivated by financial gain.
Hackers nabbed phone records of over 100 million AT&T customers from 2022, including data such as phone numbers, call/text counts, durations, and cell site identification numbers, TechCrunch reports.
AT&T has already reported the data breach to the U.S. Securities and Exchange Commission. The company is also working closely with law enforcement to sort this out, and it’s paying off: they’ve already caught a suspect linked to the breach.
In its SEC filing, AT&T disclosed that cybercriminals accessed and stole customer call and text data covering May 1, 2022, to October 31, 2022, plus another breach on January 2, 2023, affecting a number of customers. The investigation shows the breach occurred between April 14 and April 25, 2024.
Additionally, AT&T told TechCrunch that the data breach affected customers of other networks using AT&T’s infrastructure. This includes call records for users of Cricket Wireless, Boost Mobile, and Consumer Cellular.
AT&T says it will reach out to all 110 million affected customers soon to keep everyone in the loop about the breach. Plus, it has set up a website where you can find answers and information about what happened.
An AT&T spokesperson confirmed to TechCrunch that the breach stemmed from a hacked account on Snowflake, a third-party cloud platform. Similar breaches at Ticketmaster and QuoteWizard were also linked to Snowflake. The cloud company blamed the lack of multi-factor authentication on the AT&T account, underscoring the need for strong cybersecurity from both customers and vendors.
Snowflake allows companies to keep extensive customer data in the cloud for analysis. AT&T hasn’t clarified why it wants to analyze such large amounts of data or why it’s using Snowflake for storage, as per TechCrunch.
Cybersecurity experts at Mandiant have attributed the data breach to UNC5537, an unidentified cybercriminal group. Mandiant suggests the attack was likely financially motivated, meaning the stolen data could be used for fraud.
At the very least, hackers didn’t access the content of calls and texts, or any personal information like names, Social Security numbers, or dates of birth. However, even though customer names weren’t part of the breach, it’s still possible to match a name with a phone number using online tools.
A big issue here is the delay in telling the public. AT&T knew about the breach in April but held off on announcing it twice. TechCrunch reports that the FBI, AT&T, and the Department of Justice agreed to keep it quiet due to national security and safety concerns. The specifics aren’t clear, but this delay raises transparency questions and shows how difficult balancing cybersecurity and national security can be.
This recent breach is another hit to AT&T’s cybersecurity efforts, coming soon after a separate leak earlier this year that affected over 70 million customers. While AT&T claims the incidents are unrelated, the back-to-back breaches raise serious questions about the company’s data security strategy and its ability to protect customer information.