AT&T recently announced a major cyberattack compromising sensitive customer data at several of its clients.
Hackers tapped into a cloud platform, Snowflake, which houses customer data; in doing so, they gained access to call and text message logs during a six-month period in 2022. Snowflake enlisted the help of cybersecurity software vendor CrowdStrike and Alphabet’s Mandiant to investigate the breach. Mandiant has said through the “Victim Notification Program” the company and Snowflake have alerted 165 organizations that were potentially exposed in the incident. The incident has also been blamed on a financially motivated group referred to as UNC5537.
Other companies are connected to the Snowflake breach, including Advance Auto Parts, Lending Tree, Live Nation, and Santander Bank. AT&T is a much bigger company, with many more customers, and while the data does not include customer names, there are ways for hackers to find the name associated with a specific phone number.
Snowflake recommends administrators enforce the mandatory use of multi-factor authentication. Without this turned on, usernames and passwords can be sufficient for attackers to enter customers’ environments. To learn more about the incident, visit here.