AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers

  /     /     /  
Publicated : 23/11/2024   Category : security


AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers


In the scrum, countless call and text records leaked, other cell companies caught strays, the DoJ became involved, and someone has already been arrested.



A breach of an AT&T cloud workspace has exposed phone numbers and metadata relating to calls and texts for nearly all AT&T wireless customers, as well as customers of other popular wireless providers.
In an 8-K filing
with the SEC on Friday, AT&T revealed that it suffered a major data breach via a third-party cloud platform.
As reported by Bloomberg
, that platform was Snowflake.
Leaked Snowflake account credentials
have already been the source of hundreds of breaches of other brand name companies, like
Ticketmaster
, Santander,
Neiman Marcus
, and more.
The gravity of AT&Ts case in particular is lost on few. While Securities and Exchange Commission (SEC) guidelines generally require that public corporations disclose material data breaches
within four days of their discovery
, AT&Ts occurred three months prior to its reporting. The wait can be attributed to the US Department of Justice (DoJ), which has been directly involved in its aftermath. On May 9, and then again on June 5, the DoJ determined that a delay in providing public disclosure was warranted. It also apprehended at least one person in connection to the crime.
AT&Ts hacker or hackers appear to have accessed its Snowflake workspace between April 14 and April 25 of this year.
During that 11-day window, they managed to exfiltrate records of customers calls and texts during two periods: from May 1 to Oct. 31, 2022, and on the day of Jan. 2, 2023.
The May to October haul includes records of calls and texts, including the phone numbers involved, and information such as the volume and cumulative duration of those calls. The Jan. 2 records also included cell site identification numbers (unique identifiers for cell towers).
Nearly all of AT&Ts wireless customers are affected, the company admitted, as well as customers of mobile virtual network operators (MVNOs) using AT&Ts network.
According to public resources
, those MVNOs likely include popular wireless service providers like Boost Mobile, Cricket Wireless, H2O, and Straight Talk Wireless.
Earlier this year,
data belonging to more than 70 million AT&T customers
leaked to the Dark Web. The trove included all the hallmark personally identifying information (PII) types, like Social Security numbers, mailing addresses, and dates of birth.
This time, none of the stolen data has as yet been observed on the public web, and customers most sensitive PII has remained untouched.
Still, AT&T warned, There are often ways, using publicly available online tools, to find the name associated with a specific telephone number.
Besides that, The inclusion of cell site identification numbers in the stolen data is particularly alarming, as it could potentially allow for the
triangulation of users locations
, Javvad Malik, lead security awareness advocate at KnowBe4, warned in an email. This adds a physical dimension to the already extensive privacy violation and could expose individuals to highly targeted and convincing social engineering attacks, not to mention compromising the physical security of individuals, such as those trying to escape abusive relationships.
The more generic metadata, he added, while perhaps not immediately recognized as sensitive, can paint a detailed picture of an individuals daily life, habits, and associations, making it a valuable asset for those with malicious intent.
The metadata can be used in follow-on attacks. The exposed data could be exploited for sophisticated phishing attempts, identity theft, and other nefarious activities for years to come, Malik wrote. It is a stark reminder that the repercussions of a data breach extend far beyond the initial incident and can have lasting consequences for the affected individuals.

Last News

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security

▸ Fully committed to the future world of technology. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers