this post was submitted on 12 Jul 2024
39 points (95.3% liked)

Data Breaches

948 readers
40 users here now

Information about data breaches, data leaks, ransomware attacks, and other related stories.

Icon attribution

founded 1 year ago
MODERATORS
BrikoX
39
AT&T says criminals stole phone records of 'nearly all' customers in new data breach | TechCrunch (techcrunch.com)
submitted 1 month ago by [email protected] to c/databreaches
4 comments fedilink hide all child comments
 

U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of "nearly all" of its customers. TechCrunch:

In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages -- such as who contacted who by phone or text -- during a six-month period between May 1, 2022 and October 31, 2022. AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.

The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T's network, the company said. [...] In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 14 points 1 month ago (2 children)

I'm beyond tired of these corporations that get hacked and now it's on the user to mitigate the damage. I've been through the PSN hack, Att, T-Mobile, yahoo, eBay, multiple state hacks, Experian, lastpass, etc.

It this point I might as well have a lifetime free subscription to credit and identity monitoring services given to me by the hacked entities. And the monitoring services don't go anything.

I'm just tired.

[–] [email protected] 9 points 1 month ago* (last edited 1 month ago)

Same.

AT&T’s Huguely told TechCrunch that the most recent compromise of customer records were stolen from the cloud data giant Snowflake

Snowflake allows its corporate customers, like tech companies and telcos, to analyze huge amounts of customer data in the cloud. It’s not clear for what reason AT&T was storing customer data in Snowflake, and the spokesperson would not say.

They want to collect all this data (though in this case, the data makes sense to have on file), but also shuffle it around to all kinds of other companies for "reasons".

With so many (unnecessary) links in the chain, there's always a weak one that gets breached. Always.

And, like you said, it's on the user to deal with the fallout.

[–] [email protected] 4 points 1 month ago (1 children)

I was caught in the earlier breach and their offer was a year of monitoring. I don’t think that’s nearly enough and am looking at my options. But ultimately there needs to be stronger ramifications for these kinds of breaches or it will continue to be cheaper for the companies to just let them happen than to put robust protections into place.

[–] [email protected] 3 points 1 month ago

stronger ramifications

I mean, we could burn the executives houses down with them inside...

That would send a pretty clear message