AT&T attack is the latest event in a devastating rolling cloud hack
American telecommunications giant AT&T has become the latest victim of a cloud hack that is working its way through a staggering range of corporations.
The breach saw call and text logs relating to “nearly all” of AT&T’s mobile phone subscribers, as well as from customers of ‘virtual networks’ that piggyback on the telco’s network, “from May 1, 2022 to October 31, 2022 as well as on January 2, 2023” stolen.
“We learned that AT&T customer data was illegally downloaded from our workspace on a third-party cloud platform,” the telco said in a statement.
The breach, AT&T’s second in a year, makes the company the latest victim of breaches at cloud data warehouse Snowflake, first revealed in May.
While the content of text messages was not leaked, numbers texted or called, call and message time, and call duration data was.
“The call and text records identify the phone numbers with which an AT&T number interacted during this period, including AT&T landline (home phone) customers. It also included counts of those calls or texts and total call durations for specific days or months,” AT&T said.
According to details provided by AT&T in a mandatory report to the US stock market regulator, the Securities and Exchange Commission, the breach occurred on 14 or 15 of April and AT&T became aware of it on 19 April.
The Snowflake breach, which was possible as a result of failure to use multi-factor authentication (MFA), has so-far affected at least 165 companies, including Ticketmaster and is now threatening to become an avalanche.
The criminal group behind the hack, known as ShinyHunters, has been issuing ransoms, amounting to demands for payments ranging from hundreds of thousands to millions of dollars. Demands that, according to a report in Wired, are in some cases being met: the magazine said A&T forked over 5.7 Bitcoin, worth about US$370,000 (approx. €339,400) in hopes the data would be deleted.
Shares in both AT&T and Snowflake have slid since news of the breach broke, but really that is the least of anyone’s problems. Whether or not the data really was deleted only time will tell, but the staggering scope of this latest breach, which while it did not include customer names nonetheless exposes more than 100 million users to potential fraud, really gives IT and information security professionals, not to mention company boards, something to think about.
Subscribers 0
Fans 0
Followers 0
Followers