NextGov: House lawmaker demands answers from AT&T on recent data breach

NEXTGOV, DAVID DIMOLFETTA

A House lawmaker is seeking details on a recently disclosed AT&T data breach that exposed nearly all customers’ phone numbers, according to a letter first shared with Nextgov/FCW.

Rep. Abigail Spanberger, D-Va., asked AT&T CEO John Stankey about the company’s incident response efforts after the breach was disclosed, as well as whether the telecom giant would be offering fraud monitoring services, among other questions.

AT&T first disclosed the incident July 12 after hackers had accessed the stolen customer data through Snowflake, a cloud platform provider. The company last week told Nextgov/FCW that most phone numbers connected to the Commerce Department-managed FirstNet public safety service that’s used by first responders were compromised in the breach.

“This stolen customer data — which includes valuable call records, records of text message exchanges, and personally identifying information — becomes especially perilous when acquired or purchased by foreign adversaries,” wrote Spanberger, who is a former CIA officer.

“When armed with this valuable information, maligned governments — like the Russian Kremlin and the Chinese Communist Party — and state-sponsored intelligence agencies could trace these phone numbers back to their owners to expose contacts, sensitive communications networks, and even the precise locations of callers,” she added.

The stolen data on nearly all AT&T customers includes both cellular and landline phone numbers, along with call and text message records — detailing who contacted whom — over a six-month window from May 1, 2022 to October 31, 2022.

The pilfered data didn’t include the specific contents of the calls and text messages, or times and dates of the conversations, but it includes records of interactions between AT&T phone numbers during the six-month period, including the total number of calls and texts and the duration of calls. At least one person has already been arrested in connection with the breach.

The FirstNet service is used by federal, state, local and tribal governments’ emergency response departments. The full extent of the breach’s impact on federal entities is not entirely known.

AT&T is one of the top telecom and network suppliers to the federal government. It’s a prime contractor on the $50 billion Enterprise Infrastructure Solutions contract — a multiple award program where agencies can issue and award task orders — that’s administered by the General Services Administration.

Agencies that tap AT&T for telecommunications services include the Departments of Homeland Security, Justice, State and Veterans Affairs, as well as the Defense Department and the intelligence community. The company in 2018 notably secured a hefty classified contract with the National Security Agency.

Some of the stolen records also fall on January 2, 2023, affecting a smaller, unspecified number of customers. Additionally, the stolen data includes call records of customers from other cell carriers that use AT&T’s network.

Spanberger’s letter follows a related Senate inquiry sent to Stankey last week. The Federal Communications Commission also said that it’s conducting an investigation

“We have received the letter from Rep. Spanberger and will be responding,” a company spokesperson said in an email.

The call logs were first stolen in April, but the company — which is publicly traded and required to adhere to strict disclosure requirements set by the Securities and Exchange Commission — obtained an unexplained national security exemption to delay the breach notification, it said in its filing of the incident.

In May, AT&T made a $370,000 payment to the ShinyHunters hacking group to delete the stolen records, WIRED reported July 14. The cybercrime collective has recently been using stolen data from vulnerable Snowflake enterprise accounts as leverage to blackmail several targeted companies. Spanberger in the missive asks whether the company has any reason to believe the stolen data is still in the open or was sold to another third party.

She also asks Stankey if the company has instituted new security features like multifactor authentication, designed to double check whether a user is masquerading as someone else when logging into a system.

While only phone numbers were obtained, they can be easily used to build out profiles on government staffers, and attempted cyberattacks on federal employees should be expected to increase, a security practitioner told Nextgov/FCW when the incident was first disclosed.

Recent Posts


Sep 9, 2024
Uncategorized

Spanberger Urges Amazon, eBay, Facebook Marketplace to Crack Down on the Resale of Stolen Goods, Backs Bill to Address Supply Chain Theft

The Average American Family Will Pay More Than $500 Annually in Additional Costs Due to Increased Prices Caused by Organized Retail Crime WASHINGTON, D.C. — U.S. Representative Abigail Spanberger today pressed online retailers — including Amazon, eBay, and Facebook Marketplace — for information on their efforts to curb the resale of stolen goods. Consumers, communities, and businesses bear […]



Sep 5, 2024
Veterans' Issues

Spanberger Presents Widow of Virginia Vietnam War Veteran Sergeant Michael R. Spears with Bronze Star & Decorations He Earned for His Service

The Congresswoman’s Office Worked with the U.S. Department of Defense to Secure the Military Decorations Sergeant Spears Earned During His Service DALE CITY, Va. — U.S. Representative Abigail Spanberger yesterday presented the widow of Retired U.S. Army Sergeant First Class Michael R. Spears — a Madison County resident and longtime member of VFW Post 1503 in […]



Sep 4, 2024
Economy & Jobs

Spanberger Hosts Workforce Training Summit with Virginia Business, Economic Development, & Education Partners

Spanberger was Joined by Speakers From Local Chambers of Commerce, Colleges & School Divisions that Serve Students in Virginia’s Seventh District, & Economic Development Agencies WOODBRIDGE, Va. — U.S. Representative Abigail Spanberger today hosted her 2024 Workforce Training Summit to bring together Virginia business owners, employers, and economic development, education, and industry leaders. Spanberger and panelists […]