Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Hackers Steal Phone Records of 'Nearly All' AT&T Customers
- Thread starter MacRumors
- Start date
- Sort by reaction score
Does not really matter as the government keep way more information about us and their data security is like comical!
Same here, but didn't know about Innovis. Is that a recent addition to the current trinity of credit report agencies or one that is so small/inconsequential, no one even mentions it?
Doesn't matter if debit- or credit card, the change is just as high. You can only have the luck that the company handles it nicely. In most cases banks will just pay the money you've lost back, because it is cheaper for them to do just that than paying for a more secure system.
Yes! And since all the technology isn't perfect, there's always a change that data remains longer in storage and someone else can access it.
That's one of the reasons why I wish that Apple would make it possible that any function that uses iCloud, can also be redirected to a local storage that can do the same job.
Last edited:
‘Nearly ALL records’…. Nice to see they monitor their records access. And shut it down. Someone needs to go to prison before they will take customer privacy seriously.
Hackers broke into a cloud platform used by AT&T and accessed the phone records of "nearly all" of its cellular customers, AT&T announced on Friday.
AT&T said the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages across a six-month period between May 1, 2022 and October 31, 2022.
AT&T said some of the stolen data includes more recent records from January 2, 2023 for a smaller, unspecified number of customers, as well as call records of customers with other cellular carriers that rely on AT&T's network.
Some of the records include cell site identification numbers linked to calls and texts, which can be used to work out the approximate location of where a call was made or message sent.
The downloaded data doesn't include the content of any calls or texts, or their time stamps, according to AT&T. It also doesn't have any details such as Social Security numbers, dates of birth, or other personally identifiable information.
AT&T said it learned of the data breach on April 19, and that it is unrelated to an earlier security incident in March. The company said it does not believe the data is publicly available at this time, and it continues to work with law enforcement to identify and apprehend those involved. At least one person is said to have been arrested.
AT&T told TechCrunch that the most recent compromise of customer records were stolen from the cloud data giant Snowflake during a recent spate of data thefts targeting Snowflake's customers. Other companies that have confirmed stolen data from Snowflake include Ticketmaster, QuoteWizard, and others.
Cybersecurity researchers from incident response firm Mandiant say the hacker group is mostly based in the US and those involved are financially motivated.
AT&T customers concerned about phishing and smishing scams should visit the company's support article, which also includes advice on how to protect yourself from online fraud.
Article Link: Hackers Steal Phone Records of 'Nearly All' AT&T Customers
here is a quick lookup online:
- iMessages are generally designed to be end-to-end (E2E) encrypted, meaning the messages are encrypted on the sender's device and can only be decrypted on the recipient's device. 12
- However, if iCloud backup is enabled, the iMessages are stored unencrypted on Apple's servers, meaning Apple can potentially access the message content. 34
also AT&T has many devices not only apple, and even apple does not send e2e to other devices like android. So sms is open book.
because I do not know how they can make use of them.
What do you think AT&T should've done, gone against Justice Department and FBI requests to delay public disclosure?
not sure how it works in your country, but AFAIK , Credit cards are backed up by the bank. If they steal your DEBIT card, you are on your own.
The breach occurred in 2022 but AT&T hasn't known about it since 2022. They've only known about it for three months or so.
Not entirely. The U.S. Electronic Fund Transfer Act can offer some protection for debit card users. Banks sometimes also offer additional protection for their debit card customers.
In my experience, it is far more difficult to get money back from fraud on a debit card than on an Amex card.
I pay my balances off monthly at most, but usually weekly, so there is no going into debt in my case. Also, I've had far more trouble getting my money back from fraud on my debit card than on my Amex card.
Did we read the same article? It said the data stolen was from mid-2022 and some of it was from 2023. How could 2023 data have been stolen in 2022? It was older data that was accessed and taken this year.
The funny thing about this is that AT&T has a (rather expansive) managed cybersecurity services division catering to businesses. I know that even with the best of systems in place you can still have breaches, but a breach of this magnitude doesn't exactly reflect well on the brand.
I used to work for a bank that offered credit cards. You are what we called a deadbeat. We made no money with people like you. I am also a deadbeat. I have not paid a penny in interest in the last 20 years.
Did you read my reply? My comment was in response to a poster's claim that AT&T knew about the breach since 2022. The primary breach occurred over a six month period between May 2022 and October 2022 with a smaller amount of data from January 2, 2023. My point was that AT&T didn't know about the breach since 2022.
I mean, yes, but we’re still using foreign services too. What if Apple gets hacked? Your whole iCloud content may be out there. And companies are profit-oriented, they are looking at ways to minimise cost. They don’t want to spend too much on security, that’s why this is happening in the first place.
That utilization percentage affects the credit score. That score will affect interest rates on loans, such as for a house. The credit score also affects auto and homeowner insurance. The lower the score, the higher the insurance rates as lower scores are considered a higher risk.
Those who actually do pay their credit balance in full have no concern about their credit score.
I'm not surprised when companies are way too big sometimes many security aspects get overlooked. I'd imagine this could happen to Google or Microsoft or even Apple.
It could, but the major difference is that telecom companies operate with the promise that your call or data connection will work, but not necessarily that it is the most secure service out there.
Apple literally closes some commercials with their logo imitating an old school lock to imply it is a much more secure environment. For the most part Google, Microsoft and Apple do a good job but still a long way to go.
Moving away from SMS 2FA would be big move. The problem is that most of the public doesn't take security seriously and losing a Yubikey or any other more secure method to authenticate could be catastrophic if there are no backdoors built (which I agree shouldn't be).
Nah generally the same protection as the issue is for the bank to be resolved. Most civilised countries brought those protections in for their citizens. The credit card protection is longer standing, but that was because of the type of financial protect; a loan. And thus had some protection under that system. But for many around the world they don't live on debt like the USA and thus you have the same protections.