AT&T data leak possibly linked to Snowflake incident

A data theft at the US telecommunications company AT&T is linked to the data stolen from Snowflake earlier this summer.

News of the AT&T data breach came to light on Friday after the company disclosed in a filing with the U.S. Securities and Exchange Commission that it had been the victim of a massive data breach affecting tens of millions of its wireless customers.

According to SC US, the incident was caused by an illegal download from a third-party cloud platform and affected nearly all mobile customers, as well as users of virtual mobile network operators using AT&T’s network, and landline customers who interacted with those numbers between May 1 and October 31, 2022.

Incident investigation

When AT&T discovered the breach on April 19, the company launched an investigation and took action to block the illegal access point. The company stressed that this incident was unrelated to an earlier breach in the spring.

AT&T assured customers that the stolen data did not include call or text content or personal information such as social security numbers or dates of birth.

AT&T also stated that it believes the data is not currently publicly available.

Snowflake impact?

According to Tech Crunch, the customer data was stolen from Snowflake as part of a series of incidents the cloud data company has experienced recently. AT&T confirmed to SC US that the data theft occurred outside of its network and through Snowflake.

While Snowflake declined to comment on specific customers, it said: “We have found no evidence that this activity was caused by a security vulnerability, misconfiguration, or breach of Snowflake’s platform.”

Deeply disturbing

Javvad Malik, senior security awareness advocate at KnowBe4, added: “It is deeply troubling that an organization with AT&T’s size and resources failed to detect such a massive breach over such a long period of time. The fact that the breach continued into early 2023 and affected not only AT&T’s direct customers but also those of other carriers that use AT&T’s network underscores the far-reaching consequences of such incidents.

“The long-term impact of this breach cannot be overstated. The exposed data could be misused for sophisticated phishing attempts, identity theft, and other nefarious activities for years to come. It is a stark reminder that the impact of a data breach extends far beyond the initial incident and can have lasting consequences for the individuals affected.

“As the full extent of the breach continues to emerge, it serves as a wake-up call for both organizations and individuals. Organizations must prioritize cybersecurity and take strong measures to detect and prevent such incidents. Consumers, on the other hand, must become increasingly vigilant about their digital footprint and take steps to protect their personal data.”