In a significant security breach, U.S. telecommunications giant AT&T announced on Friday that the data of nearly all its customers was downloaded from a third-party platform in April this year.
The breach affected not only AT&T’s cellular customers but also customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network. Additionally, landline customers who interacted with those cellular numbers were impacted.
Approximately 109 million customer accounts were compromised, according to AT&T. The company stated that it does not currently believe the data is publicly available.
While the compromised data includes AT&T records of calls and texts between May 1 and October 31, 2022, customer names and specific usage details such as timestamps of calls or texts were not exposed. However, AT&T acknowledged that publicly available online tools can sometimes be used to associate telephone numbers with individual names.
An internal investigation revealed that records from January 2, 2023, were also compromised for a very small number of customers.
AT&T identified the third-party platform involved as Snowflake, a cloud computing data warehousing company. The incident was limited to an AT&T workspace on Snowflake’s platform and did not impact AT&T’s own network.
The Federal Bureau of Investigation (FBI) stated it has worked collaboratively with AT&T and the Department of Justice (DOJ) throughout the incident response process, sharing key threat intelligence and bolstering investigative efforts.
The DOJ, which became aware of the breach early this year, indicated that the breach met the security standard for a delayed filing with the U.S. Securities & Exchange Commission (SEC), which was made public on Friday. The DOJ stated that an earlier disclosure could have posed a substantial risk to national security and public safety.
The Federal Communications Commission (FCC) is also investigating the breach.
This breach highlights the vulnerabilities that can arise from third-party platforms and underscores the importance of robust cybersecurity measures for companies managing vast amounts of customer data.
Reference(s):
Data of nearly all AT&T customers leaked from 3rd-party platform
cgtn.com
