Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community
Massive Snowflake-linked attack exposes data on nearly 110M AT&T customers
1 Min Read
A cyberattack targeting AT&T’s Snowflake environment compromised data on nearly all of the telecom provider’s wireless customers, the company said in a Friday filing with the Securities and Exchange Commission. Nearly 110 million customers are impacted, according to AT&T’s annual report for the period of compromised data.
Data stolen during the intrusion includes records of AT&T customers’ calls and text messages spanning a six-month period ending Oct. 31, 2022, and records from Jan. 2, 2023, the company said in the SEC filing.
The attack did not expose the content of calls or text messages, customer names or personally identifiable information, according to AT&T. Yet, the stolen records include the phone numbers AT&T wireless customers interacted with, counts of those interactions and aggregate call duration for a day or month.
AT&T is one of at least 100 companies impacted by a wave of attacks targeting Snowflake customer environments. AT&T spokesperson Andrea Huguely told Cybersecurity Dive the customer data was stolen from the carrier’s Snowflake database.
The attacks targeting Snowflake customers were not caused by a vulnerability, misconfiguration or breach of Snowflake’s systems, Mandiant said last month in a threat intelligence report.
Stolen credentials obtained from multiple infostealer malware infections on non-Snowflake owned systems were the point of entry for the attacks, Mandiant said. Impacted customer accounts were not configured with multifactor authentication.
To read the complete article, visit Cybersecurity Dive.
