Data leaks and breaches have become relentless—and huge. This week sees yet another one hit the news, with AT&T revealing that call and text message data logs for almost all wireless customers were stolen.
Disclosed via a securities filing on Friday, the data spans a six-month period between May 1 and October 31, 2022. Logs that showed phone numbers texted or called by AT&T wireless subscribers were downloaded, as well as call length and frequency of interaction with contacts. Currently, AT&T says that neither communication content nor exact times of contact are not part of the breach. Stolen call data is also limited to U.S. and Canadian numbers.
The hack affects nearly all of AT&T’s subscriber base during that time, around 110 million users based on active devices on the network, and including users with affiliated virtual operators (MNVOs) like Cricket and h2o Wireless. Records from January 2, 2023 were also accessed for a small slice of users, as was specific cell phone tower usage. The latter can allow bad actors to extrapolate the location for individual phone numbers.
AT&T says Snowflake, a third-party cloud storage service recently at the center of the Ticketmaster data breach in May, was the source of the data breach. Snowflake has since said its platform shows no unauthorized access.
You can read more about the breach in CNN’s rundown, including details about the delay in disclosure—initially aware of the breach by late April, AT&T held its filing until the FBI conducted an analysis of the stolen data for potential risks to national security. AT&T also says it does not believe the data has been released publicly yet, unlike the company’s huge leak of landline customer data, which included social security numbers.
You can get a heads-up on your info hitting the dark web through services like Google, which recently announced it would offer this feature for free. You can get a heads-up on your info hitting the dark web through services like Google, which recently announced it would offer this feature for free.PCWorld
You can get a heads-up on your info hitting the dark web through services like Google, which recently announced it would offer this feature for free.PCWorld
PCWorld
In the meanwhile, while we wait to see if the data does eventually leak, you can take preventative steps to protect yourself and your online presence:
As additional measures, it’s wise to lock down your social media accounts—by not publicly sharing your whereabouts and habits from snoops, it gives them less material to use when trying to enact scams. You can also preemptively switch to encrypted forms of communication, if you’re concerned about the contents of your chats getting revealed.
So far, data breaches haven’t yet spilled the beans on the full intimate details of our personal lives—but at the rate that these keep piling up (and their scope), it seems like a matter of time before the messy details of our lives become revealed without permission.
Security Software and Services