AT&T Data Breach?! What You Need to Know & How to Stay Safe
AT&T just dropped a bombshell: a massive data breach that exposed call and text records from mid-to-late 2022. This affects tens of millions of AT&T customers, as well as many non-AT&T users who communicated with them. If you’re thinking, “Uh-oh, was I affected?” — you probably were.
Here's the lowdown on what was compromised:
Phone Numbers: Nearly all AT&T cellular customers’ numbers
Call and Text Records: Every number called or texted, the number of interactions, and the call durations
Cell Site IDs: For some users, this includes cell site identification numbers, giving away approximate location data
This is metadata. The actual contents of calls and texts, Social Security numbers, dates of birth, and customer names weren’t exposed. However, linking names to specific phone numbers is often a piece of cake with publicly available tools, like a simple search on a data broker website.
Speaking of which, today’s sponsor is DeleteMe. If you were affected by this AT&T data leak, you’ll probably want to hear about DeleteMe, so stick around for the TLDR and a sweet discount.
Ok, so AT&T blames this breach on an "illegal download" from their workspace on Snowflake, a third-party cloud platform. They discovered the breach in April while dealing with another major leak from March. AT&T seems to have been targeted alongside a few other attacks on Snowflake. Companies like Ticketmaster and Santander Bank apparently use Snowflake too, and have also been hit.
Alright, let’s break down the potential risks, because this isn’t just about a few spam calls.
Social Engineering Threats
With this data, scammers can craft super convincing phishing scams. They can build detailed profiles for identity theft, potentially compromising your financial and personal security. Knowing your communication patterns can help them time their attacks when you're most vulnerable.
I’ve dedicated this channel to bringing you really in depth tech content, with pro tips trickled in as shorts but I promise I won’t be doing any tiktok dances, thats so not my thing. So if you want those pro tips that I drop every week, a quick click of the subscribe button tells me what content you wanna see more of.
Your Phone Number Exposes Your Personal Info
Your phone number is like a digital fingerprint. It can expose a ton of personal info and make you a target for spam calls, texts, and phishing attempts. Scammers can use it to find your address, Social Security Number, and even info about your relatives.
SIM Swapping and Fraud
The danger extends beyond annoying spam. Attackers might try SIM swapping, where they transfer your phone number to a device they control. This can give them access to accounts that use your phone for two-factor authentication, leading to unauthorized access to your financial accounts or even opening new ones in your name. In extreme cases, this data could be used for stalking or harassment.
Senator Ron Wyden is calling for hefty financial penalties for these large-scale breaches. Will this lead to stricter regulations and better security measures? Only time will tell. But until then, let's focus on what we can do to protect ourselves.
Here’s how you can stay safe:
Change Your Passwords: Use strong, unique passwords for each account. A password manager can make this easier.
Enable 2FA/MFA: Enable two-factor authentication whenever possible.
Beware of Phishing Scams: Be skeptical of emails or messages asking for personal info. If it smells fishy, it probably is phishy.
Monitor Your Accounts: Keep an eye on your bank and credit card statements for any unusual activity.
Check Your Risk: Use services like DeleteMe to remove your PII off the internet.
Did you know there are companies out there that know all sorts of private info about you, and they put that info online publicly for anyone to find? Not even exaggerating – your phone number, home address, email address, your families names and private info, your occupation and marital status, your age... Yup, those are data brokers. Data brokers are out there compiling this data and making it easy to find.
Data brokers are these companies that collect and sell your personal information without you even knowing. Imagine someone knowing where you live, what you buy, and who you vote for, and then selling that info to marketers, insurance companies, or worse. It’s like having your own personal stalker, except it’s legal!
I’ve got a solution for you: DeleteMe. DeleteMe is a service that removes your personally identifiable information from data brokers. They go through the painstaking process of finding your data on all those shady sites and get it removed. It's like having your own personal cleanup crew for your online presence. I've been a paying customer of DeleteMe long before they sponsored my channel, and I've coined the company as my online privacy assistant. I don't have time to opt-out of 100's of data brokers while running a business, so I have DeleteMe do it for me.
DeleteMe works tirelessly to keep your private details, well, private. They tackle those data brokers head-on, so you don't have to worry about your info ending up in the wrong hands. Plus, they keep doing it regularly because, let's face it, data brokers are relentless and they repopulate your data on their sites all the time.
So if you’re worried about where scammers and spammers keep finding your phone number, or you need to take precautions to prevent stalking or scams, then DeleteMe is a product I’ve recommended for many years. And just a few months ago, they added a bunch of features to their family plans if you want to protect your family, too!
Use the code SNUBS for 20% off and see how DeleteMe can help you take your online privacy to the next level. Hit up JoinDeleteMe.com/MorseCode, choose how many people you want to protect, and sign up today!
Thank you to DeleteMe for being my privacy assistant online when I’ve needed it most. And thank you for sponsoring this video!
According to a report by Wired, the hacker group ShinyHunters, notorious for multiple high-profile data breaches, claims that AT&T paid them a whopping $300,000 in ransom. The hackers provided proof of a cryptocurrency exchange that supposedly took place in May. However, crypto-tracing experts couldn’t identify the owners of the wallets involved. So, there's still a lot of mystery here.
Scripps News hasn’t independently confirmed this ransom payment, and AT&T is staying tight-lipped, not giving any statements on the matter. Talk about suspense!
Alright, S'mores, what do you think about this breach? Does it change how you feel about your data privacy? Drop your thoughts in the comments below. And hey, if you found this video helpful, don't forget to give it a thumbs up, subscribe, and ring that notification bell so you don't miss any updates.
