The stolen data includes 110 million AT&T customer phone numbers, calling and text records, and some location-related data.

U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers. TechCrunch:

In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages – such as who contacted who by phone or text – during a six-month period between May 1, 2022 and October 31, 2022. AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.

The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T’s network, the company said. […] In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.

  • Admiral Patrick@dubvee.orgOPEnglish
    101·
    4 months ago

    Same.

    AT&T’s Huguely told TechCrunch that the most recent compromise of customer records were stolen from the cloud data giant Snowflake

    Snowflake allows its corporate customers, like tech companies and telcos, to analyze huge amounts of customer data in the cloud. It’s not clear for what reason AT&T was storing customer data in Snowflake, and the spokesperson would not say.

    They want to collect all this data (though in this case, the data makes sense to have on file), but also shuffle it around to all kinds of other companies for “reasons”.

    With so many (unnecessary) links in the chain, there’s always a weak one that gets breached. Always.

    And, like you said, it’s on the user to deal with the fallout.