AT&T, a major US telecom and mobile network operator, has suffered a significant data breach involving the phone records of most of its customers for a six-month period in 2022. The breach is part of a series of attacks targeting customers of cloud data provider Snowflake.
The incident, disclosed in a filing with the SEC, was first reported on April 19, 2024, when a threat actor claimed to have stolen call logs from AT&T. The data accessed includes records of customer call and text interactions but does not contain personal information like social security numbers or dates of birth.
AT&T customers are being advised to take precautions against potential follow-on attacks, such as phishing scams. The breach is believed to be linked to cyber criminals gaining access to AT&T’s Snowflake environment.
Snowflake, which has seen over 160 of its customers breached recently, has strengthened its security measures by implementing multi-factor authentication (MFA) as a default for all users. This move is seen as a positive step in protecting user accounts from unauthorized access.
The true nature of the ongoing breaches, including the involvement of ShinyHunters claiming responsibility, remains unclear. Investigations are ongoing to determine the extent of the data theft and the potential impact on affected customers.