AT&T admitted a massive security failure on Friday. “We have discovered that AT&T customer data was illegally downloaded from our workplace to a third-party cloud platform,” the US telecom giant said on its website. “We have launched an investigation and engaged leading cybersecurity experts to determine the nature and scope of the problem.” It was revealed that “the downloaded data included telephone call and SMS records of almost all AT&T mobile customers from May 1, 2022 to October 31, 2022 and January 2, 2023. Other telephone numbers can be identified based on this metadata,” with whom an AT&T cell phone number interacted during this time. This includes landline customers.
Advertisement
The compromised data includes By group Cell site identification numbers associated with phone calls and text messages. This information can be used to determine the location of a cell phone user, which in turn can be used to create a movement profile. According to the company, this also includes metadata from customers with telephone services from other mobile providers based on AT&T’s network. The connection information also showed the number of calls made or text messages sent, as well as the total duration of conversations for certain days or months.
AT&T emphasizes that the content of calls and text messages was not part of the downloaded archive. There are also no time stamps. “Details” such as social security numbers, dates of birth or other personal information are also not affected. The names of customers who have been assigned a telephone number can be found using publicly available online tools. According to the network operator, the access point has now been “secured”, so there is no fear of further outflow. It is currently not believed that “the data is publicly available”. An AT&T spokesperson TechCrunch Explainedthat it would have to inform its approximately 110 million customers about the massive drop.
It is being told that the American citizen has been arrested in Turkey
According to the report, the leak, discovered in April, affected cloud data giant Snowflake. It was recently the target of several attacks in which customer data was illegally copied and some of it was already offered for sale on the darknet. The provider enables its corporate customers to analyze large amounts of information about end users in the computing cloud. For example, Ticketmaster (Live Nation) and Quotewizard, which sold tickets for Taylor Swift concerts, were affected by the attacks. Snowflake blamed its customers for the security breaches because they did not use multi-factor authentication to secure their accounts.
“We continue to work with law enforcement to identify those involved in the data theft,” AT&T said. “Based on the information we have, we believe at least one individual has been arrested.” According to 404 Media This is American citizen John Binnswho was recently arrested from his long-term residence in Turkiye. In 2021, the cyber gangster confessed to breaking into T-Mobile’s servers in the United States, in which he obtained the data of millions of customers relatively easily due to inadequate security precautions.
in one Blog post on the Snowflake case The cyber gang, known as UNC5537, consists of individuals “residing in North America and working with another member in Turkey,” IT security firm Mandiant wrote in June. AT&T was forced to reset the passwords of millions of customers earlier this year after their credentials were exposed on a cybercrime forum.
(USC)
