https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers
AT&T disclosed a major data breach affecting nearly all of its mobile customers, approximately 109 million people. Hackers accessed a cloud storage account on AT&T’s Snowflake platform and stole call records between May 2022 and January 2023.
The breached data includes phone numbers, the frequency and duration of calls and texts, and some cell site location data. However, it does not include the content of calls or texts, customer names, Social Security numbers, or dates of birth.
AT&T says they are working with law enforcement and believe at least one suspect has been apprehended. The company is also taking steps to improve its cybersecurity measures and will notify affected customers.
This breach highlights the growing risk of cloud-based data storage. Hackers recently targeted other companies using compromised credentials on Snowflake, a cloud data warehousing platform. AT&T says the stolen data has not been made public and is unrelated to a previous data breach earlier this year.