AT&T: Hackers accessed call logs via Snowflake
Add Axios as your preferred source to
see more of our stories on Google.
Photo: Jakub Porzycki/NurPhoto via Getty Images
Hackers seized access to several months of AT&T call logs in a sweeping cybersecurity breach via Snowflake, a third-party cloud computing platform, Axios has learned.
Why it matters: The cybersecurity attack affects nearly all AT&T cellphone users, according to the telecommunications giant.
- The company had more than 127 million connected devices at the end of 2023, according to its annual report.
Threat level: The stolen data includes "records of calls and texts" between May 1 and Oct. 31, 2022, and some info from Jan. 2, 2023, AT&T said today.
- The hackers did not obtain the content of the calls or texts, users' personal information, or the time stamps, AT&T said.
Zoom in: AT&T confirmed the data was illegally downloaded via third-party cloud computing platform Snowflake.
- Axios Codebook's Sam Sabin reported in June that some 165 organizations had been notified that their data may have been exposed via Snowflake hacking.
- A Snowflake source confirmed today the AT&T incident is connected with a breach that happened in April.
Yes, but: Using other publicly available data and hacks, the information "can be used to piece together events and who may be calling who," Thomas Richards, principal consultant at Synopsys Software Integrity Group, told Security Week.
- "This could impact people's private lives as private calls and connections could be exposed. The business phone numbers will be easy to identify and private numbers can be matched to names with public record searches. "
- "If you have somebody's metadata, you know when they go to work, where they go to work, where they sleep every night," Thomas Rid, director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University, told NBC News.
Behind the scenes: AT&T said in an SEC filing that it believes the hackers stole its call logs between April 14–25.
- The company said it found out on April 19 and notified federal law enforcement authoriites, who asked the company to delay reporting it while it investigated.
- AT&T, the FBI and the Justice Department "worked collaboratively," sharing "key threat intelligence to bolster" the investigation, the FBI told Axios in a statement.
The bottom line: AT&T said it has closed off the security breach and "we understand that at least one person has been apprehended."
