On July 12th, AT&T revealed a cyberbreach that transpired in April involving the theft of call and text message logs from their workspace hosted by their vendor, Snowflake.
The threat actors downloaded the data of a large portion of AT&T’s cellular customers, creating a field day of information for scammers to exploit.
What does the stolen data include?
Although the stolen data does not contain the actual content of the conversations, is still highly valuable to cybercriminals.
The metadata includes the phone numbers involved in the calls and texts, as well as the time and date of the communication.
Scammers can use this information to manipulate caller ID information, impersonate contacts, and initiate phishing scams.
Financial Fallout
According to a report from WIRED, AT&T was forced to fork over more than $300,000 to the hacking team. AT&T has yet to confirm paying the ransom, though it is speculated that they negotiated the number down from the original asking price of 1 million.
Protect Yourself and Your Organization
To safeguard against potential scams arising from this incident, consider the following steps:
1. Be Cautious of Caller ID Information: A call alert from a familiar contact could easily be spoofed – stay wary and verify before giving any important information over the phone.
2. Verify Sensitive Requests: Thoroughly verify and vet requests for information/financial transactions.
3. Be Wary of Requests for Personal Information: Legitimate organizations will never ask for personal, account, or credit card details via text or call. If in doubt, contact the organization directly using a known, trusted method.
4. Ignore Texts from Unfamiliar Senders: Delete texts with random links from unknown numbers.
Let OptfinITy Keep Your Organization Safe
We equip our clients with regular cybersecurity training and testing to ensure they are up to date on the latest threats. Learn more about how OptfinITy can help safeguard your organization at sales@optfinity.com or 703-790-0400.
Leave a Reply