The telecommunications giant AT&T disclosed a security breach where almost all customer data was downloaded to a third-party platform. This incident, along with a global rise in cyberattacks against various entities, has raised concerns about data security.

The breach, made public by AT&T, occurred over a five-month period in 2022, affecting mobile customers, virtual network operators using AT&T's network, and landline customers associated with cellular numbers.

According to AT&T, approximately 109 million customer accounts were impacted by the breach, but the company stated that the data is not believed to be publicly accessible.

The compromised data does not include sensitive information like call or text content, Social Security numbers, or birthdates. However, cybersecurity experts warn that even seemingly innocuous data can be used to track individuals and potentially invade their privacy.

An internal investigation revealed that the breached data includes records of calls and texts between May 1, 2022, and October 31, 2022. AT&T identified the third-party platform as Snowflake and confirmed that the breach was confined to a specific workspace and did not affect the overall network.

Growing risks

Experts highlight the growing risks associated with the vast amount of data stored by companies on cloud platforms. The complexity of detecting and investigating breaches has significantly increased as organizations rely more on cloud and SaaS technologies.

AT&T is continuing its investigation with cybersecurity experts to understand the breach's scope. The company has already made one arrest related to the incident.

The compromised data also includes records from January 2, 2023, for a small number of customers, detailing interactions of mobile numbers during that period.

Law enforcement agencies like the FBI and the Department of Justice have been collaborating with AT&T to address the breach and ensure data security. However, the breach has prompted further investigations by regulatory bodies like the Federal Communications Commission.

Alongside the AT&T breach, other major data breaches have occurred this year, indicating a growing cyber threat to various sectors, including education and healthcare.