Customers of AT&T MVNOs such as Boost, Cricket, and Straight Talk also impacted by data breach

1comment
Customers of AT&T MVNOs such as Boost, Cricket, and Straight Talk also impacted by data breach
On Friday we told you that AT&T customers were the victims of another data breach after the one in April that impacted 71 million subscribers. This time, the hacking involved customer data stored with third-party cloud platform Snowflake. The latter has not done a good job lately of protecting the data entrusted to it since companies using Snowflake, such as Ticketmaster, Neiman Marcus, Santander, and others, also had their accounts hacked and data stolen.

The data belonging to AT&T stolen from Snowflake includes records of customer calls and texts. The hackers stole the records between April 14 and April 25 of this year and the info stolen included data generated by calls and texts made from May 1 to Oct. 31, 2022, including the phone numbers involved and the duration of the calls. That data plus cell site identification numbers from the day of Jan. 2, 2023, were also taken.

We now know that AT&T ended up paying one of the hackers involved in the data breach a ransom of 5.7 bitcoins valued at over $370,000 to delete the stolen records. The carrier was given a video of the deletion taking place as proof that it was done. A new report points out that the data breach affected not just AT&T customers, but also customers of mobile virtual network operators (MVNOs) who use AT&T's network since they don't have one of their own. These companies include Boost Mobile, Cricket Wireless, H2O, and Straight Talk Wireless.

While AT&T told me Sunday evening that they believe the data swiped from Snowflake is no longer publicly available (which would be due to the more than $370,000 paid to one of the hackers to have the files deleted), experts warned that the data from January 2nd, 2023, which included cell site identification numbers, could have been used to compute customer addresses based on the triangulation of data.


The more basic metadata taken could still have been used for phishing attacks, identity thefts, and other malicious deeds according to Javvad Malik, lead security awareness advocate at KnowBe4. So if you're an AT&T customer or a subscriber to one of the aforementioned MVNOs, you should be hoping that AT&T is correct and that the data taken from Snowflake was deleted and cannot be used to scam subscribers. As usual, use common sense when receiving an email or phone call that asks for your personal data such as social security numbers, passwords, and PINs.
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless