Hello folks,
What big name company, whose second breach this year is now part of snowflake?
If you happened to guess AT&T, you’re correct.
The person who assists me sent me this article this morning, and its titled AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach.
In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022.
AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.
The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T’s network, the company said.
AT&T said the stolen data “does not contain the content of calls or texts,” but does include calling and texting records that an AT&T phone number interacted with during the six-month period, as well as the total count of a customer’s calls and texts, and call durations — information that is often referred to as metadata. The stolen data does not include the time or date of calls or texts, AT&T said.
In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.
AT&T said it learned of the data breach on April 19, and that it was unrelated to its earlier security incident in March.
Snowflake allows its corporate customers, like tech companies and telcos, to analyze huge amounts of customer data in the cloud. It’s not clear for what reason AT&T was storing customer data in Snowflake, and the spokesperson would not say.
AT&T is the latest company in recent weeks to confirm it had data stolen from Snowflake, following Ticketmaster and LendingTree subsidiary QuoteWizard, and others.
We know Snowflake has not been forthcoming when it comes to the fact that they had a problem.
Snowflake blamed the data thefts on its customers for not using multi-factor authentication to secure their Snowflake accounts, a security feature that the cloud data giant did not enforce or require its customers to use.
They’ve been saying this ever since we’ve been covering this fiasco, and they’re still saying it? WTF is wrong with this company? While I remember reading they started enforcing two-factor after the fact, the damage is now coming to life.
AT&T’s statement said it was working with law enforcement to arrest the cybercriminals involved in the breach. AT&T said that “at least one person has been apprehended.” AT&T’s spokesperson said that the arrested individual was not an AT&T employee, but deferred questions about the alleged criminals to the FBI.
An FBI spokesperson confirmed to TechCrunch on Friday that after the phone giant contacted the agency to report the breach, AT&T, the FBI and the Department of Justice agreed to delay notifying the public and customers on two occasions, citing “potential risks to national security and/or public safety.”
While I took portions of the article to give you some details, this is not the full article.
We can quote portions like this, but we can not write the article and call it our own. Find the article linked above and read the entire thing if you’re an AT&T customer. Its vital that you do!
Have fun with this one!
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.