The pilfered content, which contains aggregated metadata, was taken via the company’s Snowflake instance.
The post Phone, text message records of ‘nearly all’ AT&T customers stolen appeared first on CyberScoop.
Telecommunications giant AT&T announced Friday that hackers obtained six months of phone and text message records of “nearly all” of the company’s customers.
An AT&T spokesperson confirmed the data was pulled from Snowflake, making this incident one of the most significant data exfiltration attacks tied to the cloud platform’s recent security woes. AT&T said that they believe at least one person linked to the breach is under federal custody, per the company’s SEC filing describing the incident.
AT&T said that hackers were able to exfiltrate the sensitive information ranging from May 2, 2022 to October 31, 2022, as well as information from January 2, 2023. The data includes phone numbers that an AT&T mobile phone communicated with, including AT&T landline users. In some cases, the data also contains specific cell site ID numbers linked to these interactions. The data does not include content, the timestamps of any calls or texts, social security numbers, dates of birth or other personally identifiable information.
AT&T learned of the incident on April 19 and believes that the hackers accessed the Snowflake workspace between April 14 and April 25, 2024.
AT&T is the latest in a string of major firms to suffer a data breach via the cloud storage platform Snowflake, most of which are believed to have occurred due to a lack of multi-factor authentication. Asked for comment, a Snowflake representative pointed to a blog post by CEO Brad Jones that claims the company has “not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” citing investigations by the incident response firms Mandiant and Crowdstrike.
The company announced on Thursday that administrators can now enforce mandatory multi-factor authentication for Snowflake users.
The stolen data will be a goldmine for scammers, financially-motivated hackers, pig butchers, and nation-backed threats alike. AT&T says they do not believe the data has been made public.
A spokesperson for the Cybersecurity and Infrastructure Security Agency said in a statement that the agency is working to assess the impact of the breach.
The post Phone, text message records of ‘nearly all’ AT&T customers stolen appeared first on CyberScoop.
Source: CyberScoop
Source Link: https://cyberscoop.com/att-data-breach-snowflake/