AT&T customers suffer new massive call data breach by Snowflake hackers

2comments
AT&T customers suffer new massive call data breach by Snowflake hackers
In a regulatory filing today, AT&T disclosed that it has been a target of a significant hacking operation that stole customer records from users on its network between May 1 to October 30, 2022.

This massive data breach is different from the one AT&T reported in April, and which affected 71 million of its subscribers. The new customer data mishap comes courtesy of a third-party cloud service provider called Snowflake, whose servers were pillaged for calls and phone numbers.

According to the AT&T spokesperson, no names, addresses, or Social Security Number of customers have been stolen, just their call logs and phone numbers. "The call and text records identify the phone numbers with which an AT&T number interacted during this period, including AT&T landline (home phone) customers," tips AT&T, and continues that "it also included counts of those calls or texts and total call durations for specific days or months."

Still, according to the filing, anyone who has a bit of technical expertise can use available online tools to connect phone numbers with names and addresses.

The customer data that previously leaked and was reported by AT&T in April was from network connections made in 2019, but this current data breach is actually quite a bit fresher, even including some numbers and call logs from as early as last January.

Needless to say, even call log exposure could be enough of a problem for anyone who wouldn't want the world to know who and when they called, or for how long they talked. This is especially true if those numbers get matched to names and addresses in a preparation for sale on the Dark Web, where the data from the previous AT&T breach ended up.

"At this time, we do not believe that the data is publicly available" says AT&T, and continues to apologize:

AT&T, July '24

Those who wish to learn more about the latest massive carrier subscriber data breach can head on to data incident website for more information, as AT&T says it will notify users who have been affected.
Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless