AT&T Data Breach

Big news: AT&T just got hit by a major data breach, exposing phone numbers and metadata from calls and texts for nearly all their wireless customers, plus customers from other major providers. This happened through Snowflake, a third-party cloud platform.

What makes this even more shocking is that AT&T waited three months to disclose the breach due to the Department of Justice's involvement, which included arrests related to the crime.

Hackers accessed AT&T’s data between April 14 and April 25, 2023, stealing call and text records from May 1 to October 31, 2022, and January 2, 2023. The breach affects "nearly all" AT&T wireless customers and likely customers of MVNOs like Boost Mobile and Cricket Wireless.

Though the most sensitive info hasn't shown up online yet, security experts warn that the stolen data, including cell site IDs, could be used for targeted attacks and to track individuals’ locations. Even the metadata can provide a detailed picture of users’ habits and be exploited for phishing and identity theft.

Stay safe and vigilant!

Catch you in the next update! :)