AT&T and the US Securities and Exchange Commission: A Chance for Consumers to Learn More About the Data Breach
AT&T said in a US Securities and Exchange Commission filing that it learned about the data breach on April 19. Attackers stole information between April 14 and April 25. The SEC filing says that the US Justice Department gave the company permission to delay disclosure on May 9 and again on June 5. AT&T said it is working with law enforcement to try to apprehend those involved in the incident. At least one person has been taken into custody.
It was the U.S. Justice Department that determined that a delay in providing public disclosure was necessary.
The data does not include the content or time stamps of calls and texts, or birthdays, AT&T says. However, there is a catch.
“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” it cautions.
The company set up a page where customers can check whether their information was involved, and they will be notified by email or text.
It offers some evergreen advice for those worried about potential online fraud, including not replying to a text from an unknown sender with personal details and making sure websites are secure by looking for the “s” after “http”.
It adds that customers who notice suspicious text activity should forward the message to AT&T, and report any suspected fraud on their AT&T wireless account to its team.
AT&T Call Data Records Stolen in Attacks on Snowflake Accounts
AT&T said in March that it had reset the passcodes of about 7.6 million users after it discovered a dataset on the “dark web” containing Social Security numbers and other personal information of some 70 million current and former account holders.
The incident is significant not only because of its sheer scale and reach but because AT&T says it is the latest in a staggering spate of data thefts that resulted from attackers compromising organizations’ Snowflake cloud accounts. Snowflake is a data warehousing platform, and attackers collected its customers’ account credentials in recent months to steal hundreds of millions of records from about 165 Snowflake clients, including Ticketmaster, Santander bank, and LendingTree’s QuoteWizard.
“Yeah, this is really bad,” says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy. “What the threat actors stole here are essentially call data records. These are a gold mine in intelligence analysis because they allow someone to understand networks—who is talking to whom and when. And threat actors have data from previous compromises to map phone numbers to identities. Closed networks are almost always interesting and without identifying data for a telephone number, they are even more so.”