Massive Snowflake-linked attack exposes data on nearly 110M AT&T customers
Cybersecurity Dive
|
Contributed by: Drex DeFord
Summary
AT&T reported a cyberattack on its Snowflake environment that compromised data of nearly all of its wireless customers, affecting approximately 110 million individuals. The breach included records of customers' calls and text messages over a six-month period ending October 31, 2022, and January 2, 2023, but did not expose the content of the communications or personal identifiers. However, it did include phone numbers, interaction counts, and call durations. The incident was part of a broader wave of attacks on Snowflake customers, exploiting stolen credentials from infostealer malware. AT&T detected the breach on April 19 and acted swiftly, involving cybersecurity experts and cooperating with law enforcement. The company has enhanced its cybersecurity measures and will notify affected customers, while the FBI and DOJ granted delays in disclosure due to national security concerns.
