Security News Massive AT&T data breach exposes call logs of 109 million customers

Gandalf_The_Grey

Level 84
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,585
AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account.

The company confirmed to BleepingComputer that the data was stolen from the Snowflake account between April 14 and April 25, 2024.

In a Friday morning Form 8-K filling with the SEC, AT&T says that the stolen data contains the call and text records of nearly all AT&T mobile clients and customers of mobile virtual network operators (MVNOs) made from May 1 to October 31, 2022 and on January 2, 2023.

The stolen data includes:
  • Telephone numbers of AT&T wireline customers and customers of other carriers.
  • Telephone numbers with which AT&T or MVNO wireless numbers interacted.
  • Count of interactions (e.g., the number of calls or texts).
  • Aggregate call duration for a day or month.
  • For a subset of records, one or more cell site identification numbers.
The exposed records did not contain the content of the calls or texts, customer names, or any other personal information such as Social Security numbers or dates of birth.
 

SpiderWeb

Level 13
Verified
Top Poster
Well-known
Aug 21, 2020
609
Isn't this their second massive data breach? Wasn't their last one that data from former customers that they retained got leaked? I'm adding At&t to ISPs you just can't trust. For those keeping record, American ISPs that have had massive data breaches leaking customer data:
ISPs without recent data breaches:
  • Verizon
  • Spectrum
  • Starlink
 

vtqhtr413

Level 27
Verified
Top Poster
Well-known
Aug 17, 2017
1,610
AT&T paid more than $300,000 to a member of the team that stole call records for tens of millions of customers, reports Wired — "to delete the data and provide a video demonstrating proof of deletion."The hacker, who is part of the notorious ShinyHunters hacking group that has stolen data from a number of victims through unsecured Snowflake cloud storage accounts, tells WIRED that AT&T paid the ransom in May. He provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it. WIRED confirmed, through an online blockchain tracking tool, that a payment transaction occurred on May 17 in the amount of 5.7 bitcoin... The hacker initially demanded $1 million from AT&T but ultimately agreed to a third of that. WIRED viewed the video that the hacker says he provided to AT&T as proof to the telecom that he had deleted its stolen data from his computer...

AT&T is one of more than 150 companies that are believed to have had data stolen from poorly secured Snowflake accounts during a hacking spree that unfolded throughout April and May. It's been previously reported that the accounts were not secured with multi-factor authentication, so after the hackers obtained usernames and passwords for the accounts, and in some cases authorization tokens, they were able to access the storage accounts of companies and siphon their data. Ticketmaster, the banking firm Santander, LendingTree, and Advance Auto Parts were all among the victims publicly identified to date...

The timeline suggests that if [John] Binns is responsible for the AT&T breach, he allegedly did it when he was likely already aware that he was under indictment for the T-Mobile hack and could face arrest for it.
 

SumTingWong

Level 28
Verified
Top Poster
Well-known
Apr 2, 2018
1,786
Don't you find this to be funny?

There are cyber security shortages, but when people apply for entry level cyber security, companies will ghost candidates. Then you have senior positions employees that are in their 50s and 60s planning to retire. Then you have companies refuse to train people.
 
F

ForgottenSeer 114834

Don't you find this to be funny?

There are cyber security shortages, but when people apply for entry level cyber security, companies will ghost candidates. Then you have senior positions employees that are in their 50s and 60s planning to retire. Then you have companies refuse to train people.
I personally find no humor in today's greedy examples. They build massive structures, not wanting to invest in upgrades and security applications that require down times of such structures because of financial loss that occurs doing so hence leaving these with vulnerability that could otherwise be resolved. The customer pays the price while the business continues to line it's pockets. More then likely loop holes in those there contracts that release them from liability as well to an extent.
 

cartaphilus

Level 12
Well-known
Mar 17, 2023
574
I wonder how will ATT eventually spin this as customer's fault. Wait I used ChatGPT to write the apology letter

Subject: Apology for Recent Data Breach Incident

Dear Valued Customer,

I am writing to you on behalf of AT&T to address a recent data breach incident that has affected some of our customers, including you. We deeply regret any inconvenience or concern this may have caused you.

Unfortunately, it appears that the breach was facilitated by vulnerabilities in personal security measures that are the responsibility of our customers. While we take extensive measures to protect your data, such as advanced encryption protocols and regular security audits, we also rely on our customers to maintain robust personal security practices.

We understand that your trust in us has been shaken, and we sincerely apologize for any distress this incident has caused. We are actively investigating the breach and have already taken steps to enhance our security protocols to prevent such incidents in the future.

To safeguard your information, we encourage you to review and strengthen your personal security practices, including updating passwords regularly and being cautious of phishing attempts. Additionally, please be assured that we are working tirelessly to enhance our security measures to protect your data better.

Once again, we apologize for any inconvenience caused by this incident and thank you for your continued trust in AT&T. If you have any questions or concerns, please do not hesitate to contact our customer service team at [Customer Service Number].

Sincerely,

[Your Name]
Customer Relations Team
AT&T
 
  • Love
Reactions: Nevi and vtqhtr413

vtqhtr413

Level 27
Verified
Top Poster
Well-known
Aug 17, 2017
1,610
I wonder how will ATT eventually spin this as customer's fault. Wait I used ChatGPT to write the apology letter

Subject: Apology for Recent Data Breach Incident

Dear Valued Customer,

I am writing to you on behalf of AT&T to address a recent data breach incident that has affected some of our customers, including you. We deeply regret any inconvenience or concern this may have caused you.

Unfortunately, it appears that the breach was facilitated by vulnerabilities in personal security measures that are the responsibility of our customers. While we take extensive measures to protect your data, such as advanced encryption protocols and regular security audits, we also rely on our customers to maintain robust personal security practices.

We understand that your trust in us has been shaken, and we sincerely apologize for any distress this incident has caused. We are actively investigating the breach and have already taken steps to enhance our security protocols to prevent such incidents in the future.

To safeguard your information, we encourage you to review and strengthen your personal security practices, including updating passwords regularly and being cautious of phishing attempts. Additionally, please be assured that we are working tirelessly to enhance our security measures to protect your data better.

Once again, we apologize for any inconvenience caused by this incident and thank you for your continued trust in AT&T. If you have any questions or concerns, please do not hesitate to contact our customer service team at [Customer Service Number].

Sincerely,

[Your Name]
Customer Relations Team
AT&T
Unless you copied and pasted this from somewhere else, I'd say you missed your calling 👏
 
  • Like
Reactions: Nevi

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top