Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in /home/u333346598/domains/thebulletin.tech/public_html/wp-content/plugins/insert-headers-and-footers/includes/class-wpcode-snippet-execute.php(411) : eval()'d code on line 18
Estimated reading time: 2 minutes
U.S. senators are starkly questioning AT&T’s data storage practices after a serious data breach.
Sens. Richard Blumenthal (D-Conn.) and Josh Hawley (R-Mo.) — the chair and ranking member of the Senate Judiciary Subcommittee on Privacy, Technology, and the Law — wrote letters questioning the telecom giant and its practice of storing call and text records with a third-party platform called Snowflake.
The lawmakers demanded more info regarding the hack in which the company said “nearly all” text and phone records were stolen in mid-to-late 2022. The letters demanded answers from the CEOs of both AT&T and Snowflake.
AT&T’s security practices face scrutiny
“Why had AT&T retained months of detailed records of customer communication for an extended amount of time and why had AT&T uploaded that sensitive information onto a third party analytics platform?” the senators asked. “What is AT&T policy, including timelines, concerning retaining and using such information?”
Blumenthal and Hawley also pressed the fact other Snowflake clients — such as Ticketmaster, Advance Auto Parts, and Santander Bank — have announced breaches of information hosted by the company. The lawmakers suggested the AT&T breach was a result of basic cybersecurity failures, centering on malware infections and passwords that had gone unchanged for years.
“Disturbingly, the AT&T breach appears to have been easily preventable,” the senators wrote.
Not long after the news of the breach broke, it was reported that AT&T had actually paid a hacker roughly $370,000 to delete the stolen information — though that does not actually guarantee the data is actually fully gone.