Another Data Breach at AT&T Exposes Nearly 110M User Records

Hackers now know how often you called for carryout from the Thai place across the street in a six-month period. AT&T?confirmed ?the other day that the company experienced a massive data breach in which an unknown entity stole phone records from almost all of its nearly 110 million customers.

The telecommunications giant discovered the breach in April and started an investigation. It found that the hacker accessed the data through an illegal download that targeted a third-party app called Snowflake, which also manages data for other big-name companies like Ticketmaster. At the DOJ’s urging, AT&T agreed to delay telling the public so the government could evaluate the breach as a national security risk.

AT&T claims the data hasn’t been leaked publicly as of right now.

• In a very “I know what you did two summers ago” twist, the stolen info includes records of every phone number customers called or texted between May 1, 2022, and October 31, 2022.
• The contents of texts and calls and the times of communications weren’t in the data, but the number of times the callers interacted and call duration were included in the breach.

It might not seem like a huge deal for some cybercriminal to know how many times you called your mom two years ago, but the information stolen has been described as giving the hackers “NSA-level” access to customers. Phone numbers can be easily matched to individuals with tools readily accessible on the internet—and even without the contents of communications, everything from private business deals to romantic affairs could be exposed.

Big picture:?This is AT&T’s second big data breach in the last year. The company disclosed in March that Social Security numbers and other personal info of 73 million current and former customers had been leaked onto the dark web. AT&T says this breach is unrelated to the previous one.

Source: The Morning Brew | MM