Sitrep - U.S.: AT&T Breach Impacts 'Nearly All' Customers

[Art Hunter]

This is very serious hacking.   

View This Email in Your Browser

U.S.: AT&T Breach Impacts 'Nearly All' Customers What Happened: U.S. telecommunications company AT&T announced on July 12 that hackers had downloaded call and text message data from its subscribers due to a breach at a third-party cloud platform provided by Snowflake. The stolen data was mostly from 2022 and impacted nearly all of AT&T's 90 million wireless customers, customers of mobile virtual network operators running on the company's networks, and AT&T landline customers who interacted with compromised cell numbers, putting the total number of exposed customers at just under 110 million.   Why It Matters: The stolen data does not include what users said on the calls or in the messages, nor does it reveal personal information, such as names, social security numbers or dates of birth, though phone numbers could be matched to names using public databases. In some cases, the stolen data also included estimated locations, providing not only a record of which phone numbers customers were in contact with and for how long, but also where they have been with their smartphones. While AT&T said it does not believe the stolen records have been published online, the hackers could decide to sell them or post them online at any time, posing serious privacy risks for individuals and offering cybercriminals opportunities to conduct new campaigns. For instance, threat actors could use phone numbers users frequently contact to carry out extortion campaigns impersonating banks, family members or employers, and they could use location data for stalking, doxxing or blackmail.  Background: AT&T is the latest high-profile customer impacted by the ongoing campaign targeting Snowflake customers that have not implemented multi-factor authentication, though AT&T has not publicly stated whether or not it had implemented multi-factor authentication on its Snowflake account. In April, threat actors began downloading Snowflake databases of at least 165 organizations using credentials obtained with information-stealing malware. The AT&T breach also follows a previous data breach at the company in March that exposed 73 million current customers and former accounts on the dark web.  Read More:  Trump vs. Biden: The Implications for U.S. Tech Regulation (May 2, 2024) In the Absence of a Federal Framework, U.S. States Enact Their Own Data Privacy Laws (Jan. 16, 2024) Network Intelligence Report: Navigating the Risks of a Multipolar World (Feb. 15, 2023)

Trending Themes & Topics Assessments Situation Reports Snapshots Forecasts

RANE Network Inc. • 260 Madison Avenue, 8th Floor • New York, NY 10016 Copyright ©2024. All rights reserved.

--

Art Hunter- Canadian Association for the Club of Rome (canadiancor.com)

What we do  (436) CACOR Splash v5 - YouTube

YouTube postings CACOR YouTube - Canadian Association for the Club of Rome (canadiancor.com)

[Bob Este]

Good morning everyone — So, what scenarios can you spin where so-called A.I.s are “trained” on all the data acquired from this so-called “breach”, what other data breaches (or just “plain vanilla data streams”) are also used in such “training”, and who, or what, would wish to make use of such “training”, for what purposes, and why? 

(To reduce mailbox clogging I’ve clipped Art’s original “RANE worldview” message content. If you haven’t read the original, I recommend you do so.)

Onwards / best wishes to all / Bob Este

Skickas från ca 1,8 m över planetens yta.