AT&T Data Breach Leaks Over 109 Million Customer Accounts to Third-Party Platform

AT&T reported that over 109 million customers, or nearly all of them, had their call and text logs exposed to a third-party platform following a massive data breach affecting tens of millions of Americans.

In an SEC filing on Friday, AT&T said that millions of customer calls, texts, and partial user information for those accessing AT&T's wireless networks were exposed to the public.

A "very small number" of customer data from Jan. 2, 2023, were also believed to have been leaked, all of which were "unlawfully accessed" and illegally downloaded on a third-party cloud platform called Snowflake.

AT&T claimed it only learned about the data leaks earlier in April after it detected a threat actor accessing the company's call logs from its workspaces to the cloud space.

DOJ, FBI Hid AT&T Data Breach Until July

The data leakage was only disclosed to the public this month after the Department of Justice and the Federal Bureau of Investigation noted that a delay in disclosure was warranted.

This is in addition to the over 73 million customer accounts disclosed on the dark web following a service disruption earlier in February.

The Federal Communication Commission has already announced an investigation regarding the data network's latest cyberattack incident.

Snowflake Data Leaks Felt Across Major US Tech Firms

This was not the first time millions of data were leaked on Snowflake as cyberattacks continue to hit major tech firms like AT&T for their vital customer data.

Illegally extracted data from Ticketmaster and Santander Bank were later found on the cloud platform as hackers demanded ransom money for the stolen customer data.

Google's cybersecurity wing Mandiant believes that vital customer data from over 165 organizations, many of which are based in North America, were exposed on Snowflake in the past few years.

Snowflake has since promised to improve detection systems and stricter protection against similar data leaks.