{"id":24876,"date":"2024-07-12T06:10:06","date_gmt":"2024-07-12T14:10:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2024\/07\/12\/news-18606\/"},"modified":"2024-07-12T06:10:06","modified_gmt":"2024-07-12T14:10:06","slug":"news-18606","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/07\/12\/news-18606\/","title":{"rendered":"&#8220;Nearly all&#8221; AT&amp;T customers had phone records stolen in new data breach disclosure"},"content":{"rendered":"\n<p>In a d\u00e9j\u00e0-vu nightmare, US phone giant AT&amp;T has <a href=\"https:\/\/www.att.com\/support\/article\/my-account\/000102979\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">notified<\/a> customers that cybercriminals managed to download phone call and text message records of &#8220;nearly all of AT&amp;T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023&#8221;.<\/p>\n<p>In a <a href=\"https:\/\/www.sec.gov\/ix?doc=\/Archives\/edgar\/data\/0000732717\/000073271724000046\/t-20240506.htm\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">filing<\/a> with the Securities and Exchange Commission (SEC), AT&amp;T said:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cOn April 19, 2024, AT&amp;T Inc. (\u201cAT&amp;T\u201d) learned that a threat actor claimed to have unlawfully accessed and copied AT&amp;T call logs.\u201d<\/p>\n<\/blockquote>\n<p>AT&amp;T says the customer data was illegally downloaded from its workspace on a third-party cloud platform. This might be related to the <a href=\"https:\/\/www.threatdown.com\/blog\/snowflake-breach-looks-like-165-individual-incidents\/\" target=\"_blank\" rel=\"noreferrer noopener\">Snowflake incidents<\/a> we have seen several of by now.<\/p>\n<p>In the statement, AT&amp;T specifies which data it believes was stolen:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe call and text records identify the phone numbers with which an AT&amp;T number interacted during this period, including AT&amp;T landline (home phone) customers. It also included counts of those calls or texts and total call durations for specific days or months.\u201d<\/p>\n<\/blockquote>\n<p>And which data is unlikely to be included:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe downloaded data doesn\u2019t include the content of any calls or texts. It doesn\u2019t have the time stamps for the calls or texts. It also doesn\u2019t have any details such as Social Security numbers, dates of birth, or other personally identifiable information.\u201d<\/p>\n<\/blockquote>\n<p>Even though the data doesn\u2019t include customer names, there are many easy ways to find the name that&#8217;s associated with a phone number.<\/p>\n<p>This is the second time AT&amp;T has disclosed a security incident this year. Back in March, <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/04\/att-confirms-73-million-people-affected-by-data-breach\">AT&amp;T confirmed<\/a> that 73 million people had been affected in a breach that people had been <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/03\/the-att-breach-what-you-need-to-know\">speculating about for some time<\/a>.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-protecting-yourself-after-a-data-breach\">Protecting yourself after a data breach<\/h2>\n<p>There are some actions you can take if you are, or suspect you may have been, the <a href=\"https:\/\/www.malwarebytes.com\/blog\/personal\/2023\/09\/involved-in-a-data-breach-heres-what-you-need-to-know\">victim of a data breach<\/a>.<\/p>\n<ul>\n<li><strong>Check the vendor&#8217;s advice.<\/strong> Every breach is different, so check with the vendor to find out what&#8217;s happened, and follow any specific advice they offer.<\/li>\n<li><strong>Change your password.<\/strong> You can make a stolen password useless to thieves by changing it. Choose a&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/computer\/how-to-create-a-strong-password\" target=\"_blank\">strong password<\/a>&nbsp;that you don&#8217;t use for anything else. Better yet, let a&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/what-is-password-manager\" target=\"_blank\">password manager<\/a>&nbsp;choose one for you.<\/li>\n<li><strong>Enable two-factor authentication (2FA).<\/strong> If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.malwarebytes.com\/glossary\/multi-factor-authentication-mfa\" target=\"_blank\">two-factor authentication (2FA)<\/a>&nbsp;can be phished just as easily as a password. 2FA that relies on a FIDO2 device can\u2019t be phished.<\/li>\n<li><strong>Watch out for fake vendors.<\/strong> The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the&nbsp;identity of anyone who contacts you&nbsp;using a different communication channel.<\/li>\n<li><strong>Take your time.<\/strong> Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.<\/li>\n<li><strong>Consider not storing your card details<\/strong>. It&#8217;s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.<\/li>\n<li><strong>Set up identity monitoring.<\/strong> <a href=\"https:\/\/go.cyrus.app\/MN4j\/fkkekmw9\" target=\"_blank\" rel=\"noreferrer noopener\">Identity monitoring<\/a> alerts you if your personal information is found being traded illegally online, and helps you recover after.<\/li>\n<\/ul>\n<h2 class=\"wp-block-heading\" id=\"h-check-your-digital-footprint\">Check your digital footprint<\/h2>\n<p>Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it\u2019s best to give the one you most frequently use) to our free Digital Footprint scan and we\u2019ll give you a report and recommendations.<\/p>\n<div class=\"wp-block-malware-bytes-button mb-button\" id=\"mb-button-7ba16f0b-04e8-4679-9512-2f21a0971dcf\">\n<div class=\"mb-button__row u-justify-content-center\">\n<div class=\"mb-button__item mb-button-item-0\">\n<p class=\"btn-main\"><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint?utm_source=blog&amp;utm_medium=social&amp;utm_campaign=b2c_pro_acq_fy25dfplaunch_171269600960&amp;utm_content=V1\"><\/a><a href=\"https:\/\/www.malwarebytes.com\/digital-footprint\">SCAN NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<h2 class=\"wp-block-heading\" id=\"h-summer-mega-sale\">Summer mega sale<\/h2>\n<p>Go into your vacation knowing you&#8217;re much more secure: This summer you can get a huge <a href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\"><strong>50%\u00a0off\u00a0a Malwarebytes Standard subscription<\/strong> or <strong>Malwarebytes Identity bundle<\/strong><\/a>. Run, don&#8217;t walk!<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-1 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-white-color has-blue-background-color has-text-color has-background has-link-color wp-element-button\" href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\/\"><strong>SAVE 5<\/strong>0<strong>% TODAY<\/strong><\/a><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/07\/nearly-all-att-customers-had-phone-records-stolen-in-new-data-breach-disclosure\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> AT&#038;T has told customers about yet another data breach. This time call and text records of nearly all customers were stolen. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[14182,32,5897,14111,31492],"class_list":["post-24876","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-att","tag-news","tag-privacy","tag-records","tag-snowflake"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24876"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24876\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24876"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}