In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022.
AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller but unspecified number of customers.
The stolen data also includes call records of customers with phone service from other cell carriers that rely on AT&T’s network, the company said.
AT&T said the stolen data “does not contain the content of calls or texts,” but does include calling and texting records that an AT&T phone number interacted with during the six-month period, as well as the total count of a customer’s calls and texts, and call durations — information that is often referred to as metadata. The stolen data does not include the time or date of calls or texts, AT&T said.
Some of the stolen records include cell site identification numbers associated with phone calls and text messages, information that can be used to determine the approximate location of where a call was made or text message sent.
…
AT&T’s Huguely told TechCrunch that the most recent compromise of customer records were stolen from the cloud data giant Snowflake during a recent spate of data thefts targeting Snowflake’s customers.
…
Snowflake blamed the data thefts on its customers for not using multi-factor authentication to secure their Snowflake accounts, a security feature that the cloud data giant did not enforce or require its customers to use.
Cybersecurity incident response firm Mandiant, which Snowflake called in to help with notifying customers, later said about 165 Snowflake customers had a “significant volume of data” stolen from their customer accounts.
I think they’re trying to reassure their customers that if their account is secured, they’re safe. That is, it’s not some other problem on Snowflake’s end that they have no control over. But in...
I think they’re trying to reassure their customers that if their account is secured, they’re safe. That is, it’s not some other problem on Snowflake’s end that they have no control over.
But in retrospect, at least, security is clearly too lax, and both the customer and the vendor is to blame for allowing password-only accounts at all. A data warehouse isn’t a consumer app, it’s a place where businesses commonly store huge amounts of customer data.
From the article:
…
…
Are they saying 2fa would have stopped this data breach? and poor AT&T and Snowflake shouldn't be blamed for it.
I think they’re trying to reassure their customers that if their account is secured, they’re safe. That is, it’s not some other problem on Snowflake’s end that they have no control over.
But in retrospect, at least, security is clearly too lax, and both the customer and the vendor is to blame for allowing password-only accounts at all. A data warehouse isn’t a consumer app, it’s a place where businesses commonly store huge amounts of customer data.