TLDR:
Approximately 109 million AT&T customer accounts were affected in a security breach that occurred over a five-month period in 2022. The stolen data, stored on a third-party platform, did not include sensitive information but could be used to trace users. The breach highlighted the risks associated with storing vast amounts of data on cloud platforms.
Article Summary:
The data of nearly all customers of AT&T was downloaded to a third-party platform in a security breach affecting approximately 109 million customer accounts. The breach occurred over five months in 2022 and targeted mobile customers, mobile virtual network operators, and landline customers who interacted with cellular numbers. The compromised data did not contain sensitive information like Social Security numbers or personal details, but could potentially be used to trace users.
AT&T identified the third-party platform as Snowflake, and the incident did not affect its network. The breach underscores the risks associated with storing large amounts of data on cloud platforms. Cybersecurity experts highlighted the dangers of the sheer volume of data companies store on these platforms, leading to increased complexity in detecting and investigating breaches.
The FBI and the Justice Department have been involved in investigating the breach, and at least one person has been apprehended. The Justice Department stated that earlier disclosure of the breach would pose a risk to national security and public safety. The Federal Communications Commission is also conducting an investigation into the breach, which came after a series of major data breaches earlier in the year.