HOME Science & Technology

AT&T reports data breach affecting 190 million customers

2024.08.05 02:11:37 Sangmin Lee
334

[Photo Credit to Unsplash]

On July 12, AT&T, one of the largest telecommunications firms in the United States, announced a significant data breach affecting approximately 190 million customers.

According to reports from AP and CNBC, the breach occurred in April when the cloud platform storing customer data suffered a cyber attack.

The hackers accessed customer information, including call and message records between May 1, 2022, and October 31, 2022, as well as from January 2, 2023.

AT&T has confirmed that while the data did not include personal details like birthdates, the extent of the breach is substantial.

TechCrunch reported that the data was extracted from Snowflake’s cloud services, a platform known for managing big data analytics and storage.

This is not the first instance of cybersecurity issues for AT&T; in March, the company reported another breach where data of 73 million customers was leaked to the dark web.

In February, the company also experienced a major service outage affecting mobile phone connectivity across the United States.

In response to the recent cyber attack, AT&T has stated it is collaborating with the Federal Bureau of Investigation (FBI) to conduct a thorough investigation.

The FBI has confirmed that at least one suspect has been arrested in connection with the breach.

The Federal Communications Commission (FCC) issued a statement on July 12 acknowledging the ongoing investigations into the data leak.

The FBI emphasized its commitment to strengthen investigative efforts and support AT&T in enhancing its cybersecurity measures.

A joint statement with the Department of Justice highlighted the importance of sharing critical threat intelligence to combat such cybersecurity incidents effectively.

Additionally, a report released by IBM and the Ponemon Institute on July 31 discussed the broader implications of data breaches.

The "2024 Data Breach Cost Study" analyzed incidents affecting 604 companies worldwide, including 28 from South Korea, from March 2023 to February 2024.

The study found that the average cost per data breach incident is $4.88 million, indicating a 10% increase from the previous year.

The average data breach cost for South Korean companies was notably high, amounting to approximately $39.8 million.

The report also highlighted that 70% of the companies experienced severe operational disruptions due to data breaches.

With the advent of AI and enhanced security automation solutions, 67% of companies had adopted these technologies, showing a 10% increase in adoption from the previous year.

Twenty percent of these companies implemented next-generation AI security tools.

Companies with security automation solutions detected and contained breaches 98 days faster on average than those without such systems, saving an average of $2.2 million in breach costs.

The report pointed out the rising instances of intellectual property theft and emphasized the challenges of managing 'shadow data'—information that falls outside regular data management practices.

As AI technologies become increasingly integrated into corporate environments, the report urged companies to reassess their security protocols and access controls surrounding critical data.

Kevin Scapinets, Vice President of Strategy and Product Design at IBM Security, remarked on the cyclical challenges companies face regarding breach prevention, detection, and response.

He noted that as generative AI continues to penetrate the market, the cost of security is likely to rise, necessitating a reevaluation of security strategies and responses by businesses.

The increasing complexity of cyber threats and the rapid evolution of technology call for a proactive approach to cybersecurity, ensuring that companies can defend against and mitigate the impacts of data breaches effectively.

Sangmin Lee / Grade 11
BC Collegiate