U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers. TechCrunch:

In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages – such as who contacted who by phone or text – during a six-month period between May 1, 2022 and October 31, 2022. AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.

The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T’s network, the company said. […] In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.

  • einlander@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    ·
    4 months ago

    I’m beyond tired of these corporations that get hacked and now it’s on the user to mitigate the damage. I’ve been through the PSN hack, Att, T-Mobile, yahoo, eBay, multiple state hacks, Experian, lastpass, etc.

    It this point I might as well have a lifetime free subscription to credit and identity monitoring services given to me by the hacked entities. And the monitoring services don’t go anything.

    I’m just tired.

    • Admiral Patrick@dubvee.orgOP
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      1
      ·
      edit-2
      4 months ago

      Same.

      AT&T’s Huguely told TechCrunch that the most recent compromise of customer records were stolen from the cloud data giant Snowflake

      Snowflake allows its corporate customers, like tech companies and telcos, to analyze huge amounts of customer data in the cloud. It’s not clear for what reason AT&T was storing customer data in Snowflake, and the spokesperson would not say.

      They want to collect all this data (though in this case, the data makes sense to have on file), but also shuffle it around to all kinds of other companies for “reasons”.

      With so many (unnecessary) links in the chain, there’s always a weak one that gets breached. Always.

      And, like you said, it’s on the user to deal with the fallout.

    • jqubed@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      4 months ago

      I was caught in the earlier breach and their offer was a year of monitoring. I don’t think that’s nearly enough and am looking at my options. But ultimately there needs to be stronger ramifications for these kinds of breaches or it will continue to be cheaper for the companies to just let them happen than to put robust protections into place.