From Krebes on Security we get the following. Hackers Steal Phone, SMS Records for Nearly All AT&T Customers
Someday companies will take data security seriously, but it is not this day. (With apologies to Aragorn.)
AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent.
This is another hack tied to the initial hack of Snowflake that we (I) found out about in the early of June.
But back to the article at the top.
Wired reported last month how the hackers behind the Snowflake data thefts purchased stolen Snowflake credentials from dark web services that sell access to usernames, passwords and authentication tokens that are siphoned by information-stealing malware. For its part, Snowflake says it now requires all new customers to use multi-factor authentication.
New customers, but not existing customers?
This is a problem, even if you don't use AT&T yourself, but if you call or text people who do. The scammers now have a whole lot of information about who is calling/texting you. This kind of thing makes detecting scams a lot harder. Phishing is still a thing.
AT&T isn't alone in being hacked due to Snowflake.
Other companies with millions of customer records stolen from Snowflake servers include Advance Auto Parts, Allstate, Anheuser-Busch, Los Angeles Unified, Mitsubishi, Neiman Marcus, Progressive, Pure Storage, Santander Bank, State Farm, and Ticketmaster.
But you know it is bad when they start lamenting the impact on National Security.
“This data is some of the most detailed data that a telephone company holds on its customers,” said Gus Hosein, executive director at London-based rights group Privacy International. “Drawing out who is speaking to who, and when gives you a map of our personal lives. This is why law enforcement and intelligence agencies are always trying to get their hands on exactly this data, and it’s why it must be secured.” [source: AT&T Hack Undermines US National Security, Experts Say]
If you're interested in video about how all of this came about, including what you can do to protect yourself, and what you can expect in terms of scams and scam phone calls, see the video from Mutahar at SomeOrdinaryGamers - The AT&T Hack Is Really Bad....
And if you don't recognize the reference to Aragorn above, all I can say is, "What's wrong with you?"
No comments:
Post a Comment
Comment Moderation is in place. Your comment will be visible as soon as I can get to it. Unless it is SPAM, and then it will never see the light of day.
Be Nice. Personal Attacks WILL be deleted. And I reserve the right to delete stuff that annoys me.