When scammers stole , five decades of consumers ‘ call logs , from AT&, T, they found an indirect way to strike the communications bear’s data. They discovered an entry level through a cloud processing provider that the majority of the customers had never heard of.
The company’s major Ticketmaster violation of credit card numbers and certificates, which it confirmed in May, is the same.
The amount of personal information that thieves are able to seize has increased as the planet has become more digital. Each man leaves a digital footprints as they use devices to communicate, store, track their exercise, listen to music or add a record to the cloud. And we all have faith in the safeguarding tools we use.
A larger amount of data is collected, increasing the risk of it being compromised. And the effects of this are great, for both customers and companies.
However, the new hacks at AT&, T, and Ticketmaster demonstrate that it’s not just the brands we use that need to protect our online identities, but also the networks of businesses that they rely on to create a seamless electronic world.
It’s a cat-and-mouse activity, cybersecurity expert and Georgia Tech doctor Mustaque Ahamad says. The connection between data storage firms and thieves who want to spoof it.
Hackers find technology flaws in existing security systems with ease and are continuously evolving. Companies encircle walls to try to get them, using access controls, encryption, and various methods of verification. However, one generally outwits the another.
” We rely on the internet and a variety of online providers. We do need to be mindful and meticulous. It can be breached, and it’s not your wrong”, said Ahamad. You must know to navigate the online world safely. You ca n’t possibly avoid it, really.
All the information collected by businesses must be relocated. Companies frequently choose to outsource the work to third parties because they do not have the resources to create and preserve their own internal systems to store data.
Last year,  , AT&, T announced that thieves obtained , information on the calls and text messages of essentially all its customers over a period of at least five months. The communications company claimed the hackers accessed the information from AT& T’s office in April of this year on a third-party sky program known as Snowflake.
The information includes online traces of voice and text communications, including the cell phone numbers that clients called or received calls, the AT&, T customers who exchanged texts, and the times when those calls were made.
The breach was the most recent incident to be reported by significant companies since the start of the time. In May, Ticketmaster confirmed that it had found illicit exercise in a third-party sky database and that a thief had offered user data for purchase on the black web. Consumer and employee data was compromised that month when Santander Bank discovered unauthorized access to a third-party provider’s business databases. Neither firm confirmed the name of the third-party.
Due to a threat battle that targeted Snowflake customer data in April, around 165 organizations ‘ data was likely exposed.
According to security analytics firm Mandiant, a thief used affected credentials stolen through info-stealing ransomware to obtain a patient’s Snowflake installation. With this exposure, the thief extracted data. This bill did not include multi-factor verification enabled. Around 165 companies were likely exposed, according to Mandiant.
In addition, Snowflake was named as the affected merchant in files with regulators in July, according to a report from Advance Auto Parts.
Montana-based Snowflake itself was not breached, the organization said. In updates shared on Snowflake’s site, Brad Jones, the company’s general knowledge security official, said Snowflake is committed to helping customers protect their accounts and data, and then requires stochastic authentication for all users in a Snowflake account.
The companies AT&, T, Ticketmaster, and Advance Auto Parts did not respond to requests for post right away.
Numerous Georgia-based businesses and organizations have even experienced vulnerabilities in the past. The University System of Georgia confirmed in April that its users data had been compromised as part of a significant attack aimed at report exchange program, which is used by both private and public companies to store details on a global scale. The same attack even compromised information stored by a former builder with the Georgia Department of Community Health, Maximus Health Services.
Not all vulnerabilities happen from thieves gaining access to third-party programs. Because they are information aggregators and have a wealth of information stored inside, these programs are frequently targets. Hackers can quickly deal a large number of victims with little effort.
Ahamad, the Georgia Tech doctor, boils it down to basic comparison.
” We put our money in institutions. And that’s why individuals rob institutions”, he said.
Risks and costs
Vulnerabilities are a hit to businesses, both monetarily and reputationally. The typical cost of a data breach for a company in 2023 was$ 4.45 million, according to a report from the technology and study company IBM. This number includes lost profits as a result of company or system downtime, lost customer costs, and money spent on services to identify and investigate breaches.
Some of these expenses are passed onto users, IBM found. In a survey of 533 businesses impacted by breaches, about 57 % of respondents claimed that this increased the cost of their business offerings.
Users also have entrusted businesses to effectively manage their data, which raises obvious risks. Some information may appear less sensitive than others, such as the length of a person’s names, than bank information, Social Security numbers or health information. However, any kind of information can be useful to an adversary. A hacker can learn about customers who frequently call a company, as an example, and” spoof” the company’s phone number to scam them.
Metadata tells comprehensive stories about who people are, what they are doing and what their secrets are, researcher John Scott-Railton , wrote on X, formerly Twitter, after the AT&, T breach. An unauthorized party now has an” NSA-level view into Americans ‘ lives”, he said.
When the data are stacked, the risk increases.
” One of the things that I was thinking about, especially now with AI capabilities, is being able to take information and build at scale, and create better attack profiles on people”, said Scott Kannry, the co-founder and CEO of cyber management software company Axio.
Many hackers are motivated by financial gain. In some cases, they will sell stolen data to other parties using online marketplaces and the dark web. The dark web is a section of the internet that is only accessible through unique software or authorization. Because it is purposefully hidden and shields users from surveillance and tracking, it frequently becomes a hub for online stores selling stolen goods.
Others may use the stolen information to make unauthorized purchases or commit identity theft. In the most recent AT&, T data breach, one member of the hacking team accepted more than$ 300, 000 in ransom from the company to delete the data,  , technology magazine Wired reported.
Some experts, like Scott-Railton, believe data breaches will continue to happen until companies face financial penalties for them. This past year, the Securities and Exchange Commission made new regulations that mandate public companies to report cybersecurity incidents within four business days after finding a materiality. An incident is material if it significantly impacts a company’s operations, reputation or financials.
In the meantime, companies and consumers can take precautions to protect themselves. According to Kannry, fire is one of the oldest known threats to humanity. And the world has n’t solved it yet.
Companies can invest in detection technology in the beginning to improve their security posture. Cybersecurity firm Mandiant discovered that some of the breaches involving Snowflake were caused by compromised accounts not having multifactor authentication enabled. A hacker only needed a valid username and password to log into a customer account.
” From the corporate or enterprise perspective, the attitude has to be, and it’s so cliché at this point,’ If an event has n’t happened to us yet, it likely will in the future,'” Kannry said.
Consumers can use password managers, enable multifactor authentication, and keep an eye on their financial statements for suspicious activity, according to Kannry’s definition of good cyber hygiene.
” There are risks and bad things that can happen, whether they’re accidental or malicious. In the modern climate, is it anywhere close to possible that this type of thing can be flat-out solved? The answer is unquestionably false. Events will continue to happen. So if a building does burn down, you rebuild it, restart operations and life goes on”, Kannry said.
___
© 2024 The Atlanta Journal-Constitution
Distributed by Tribune Content Agency, LLC.
