What you must knowHackers stole phone records of over 100 million AT&T customers from 2022, together with phone numbers, name/textual content counts, durations, and cell web site IDs.AT&T reported the breach to the SEC and is working with legislation enforcement, resulting in the arrest of a suspect.Mandiant attributed the breach to UNC5537, seemingly motivated by monetary acquire.Hackers nabbed phone records of over 100 million AT&T customers from 2022, together with data akin to phone numbers, name/textual content counts, durations, and cell web site identification numbers, TechCrunch stories.AT&T has already reported the data breach to the U.S. Securities and Exchange Commission. The firm can also be working intently with legislation enforcement to type this out, and it’s paying off—they’ve already caught a suspect linked to the breach.In its SEC submitting, AT&T disclosed that cybercriminals accessed and stole buyer name and textual content data protecting May 1, 2022, to October 31, 2022, plus one other breach on January 2, 2023, affecting just a few customers. The investigation reveals the breach occurred between April 14 and April 25, 2024.Furthermore, AT&T instructed TechCrunch that the data breach affected customers of different networks utilizing AT&T’s infrastructure. This consists of name records for customers of Cricket Wireless, Boost Mobile, and Consumer Cellular.AT&T says it should attain out to all 110 million affected customers quickly to maintain everybody within the loop in regards to the breach. Plus, it has arrange an internet site the place you’ll find solutions and information about what occurred.An AT&T spokesperson confirmed to TechCrunch that the breach stemmed from a hacked account on Snowflake, a third-party cloud platform. Similar breaches at Ticketmaster and QuoteWizard have been additionally linked to Snowflake. The cloud firm blamed the dearth of multi-factor authentication on the AT&T account, underscoring the necessity for robust cybersecurity from each customers and distributors.Snowflake permits firms to maintain in depth buyer data within the cloud for evaluation. AT&T hasn’t clarified why it needs to research such giant quantities of data or why it is utilizing Snowflake for storage, as per TechCrunch.Get the newest information from Android Central, your trusted companion on the planet of AndroidCybersecurity specialists at Mandiant have attributed the data breach to UNC5537, an unidentified cybercriminal group. Mandiant suggests the assault was seemingly financially motivated, that means the stolen data may very well be used for fraud.At the very least, hackers did not entry the content material of calls and texts, or any private info like names, Social Security numbers, or dates of delivery. However, regardless that buyer names weren’t half of the breach, it is nonetheless doable to match a reputation with a phone quantity utilizing on-line instruments.A giant problem right here is the delay in telling the general public. AT&T knew in regards to the breach in April however held off on asserting it twice. TechCrunch stories that the FBI, AT&T, and the Department of Justice agreed to maintain it quiet as a consequence of nationwide safety and security considerations. The specifics aren’t clear, however this delay raises transparency questions and reveals how difficult balancing cybersecurity and nationwide safety may be.This current breach is one other hit to AT&T’s cybersecurity efforts, coming quickly after a separate leak earlier this yr that affected over 70 million customers. While AT&T claims the incidents are unrelated, the back-to-back breaches elevate severe questions in regards to the firm’s data safety technique and its potential to guard buyer info.
https://www.androidcentral.com/phones/carriers/atandt-data-breach-compromised-phone-records-of-nearly-all-its-customers
