Unauthorized access: According to AT&T, approximately 9 million wireless accounts had their Customer Proprietary Network Information accessed. In this episode, cloud security expert John Martinez walks through what we know about the breach and shares how to protect yourself as an individual and a business.
Hey everybody.
Welcome to today's episode of John Has Trust Issues where I talk about issues and other events in the industry happening around Zero Trust and authorization in a few minutes.
I'm John Martinez, I'm the technical evangelist here at StrongDM, and my trust issues come from that smart speaker, quote unquote in my bedroom that wakes up in the middle of the night asking me if I'm still there or that she couldn't hear me or whatever.
It's three in the morning, I'm asleep.
Let's get to today's topic.
I'm talking about the massive AT&T data breach that has been reported.
This is kind of a redux of something that happened back in 2021, and there's some confusing and some conflicting information that's happening around this breach.
But what we do know, and from the very few things that AT&T has actually fessed up about the breach, is that it happened with a third-party partner back in 2021.
And, it really was some data that that partner processed.
What we know is that there's about 9 million records that were affected, and those affected received an email from AT&T, but get this, the email itself looked like a phishing attempt, causing people even more angst and more pressure and, you know, lots of issues happening here.
We do have in the notes there's gonna be two links to some of this information that's, you know, some of it is more recent, some of it's a little bit older, but you'll get to read and see for yourself kind of a little bit of the conflicting and the confusing messaging.
So what do we know, uh, that has been exposed?
So, a few things. We know that names have been exposed.
We know that account numbers have been exposed.
We know that phone numbers, email addresses, and, here's the confusing and conflicting claims, is that even more sensitive PII has been exposed, things like Social Security numbers, dates of birth, home addresses, and a few more bits of information like that.
So it's a little bit confusing.
But one of the articles definitely points that some of that data that's been leaked is authentic based on some users that have confirmed some of the leaked information.
That that's what it's, right, you know, it, it's confusing and we need more clarification from AT&T.
So, it leaves us speculating.
It leaves those of us in the industry speculating about what happened.
So what can we do, as people that have cellular phone accounts with AT&T or other types of accounts with AT&T?
What can we do to actually mitigate the risk?
Actually talk about the risk and actually think about the types of things that could happen to us because of this risk.
So I'm also gonna talk a little bit about what can we do as, as professionals in the security industry, uh, for this type of risk.
Alright, so let's talk about that.
So on the personal side, let's watch for signs of phishing attempts, emails that come across to us, wanting us to send gift cards to somebody special in our lives that, you know, it's not gonna be asked about.
So that's one.
And also watch things like text scams, or phone number scams where they're, they're calling you, these scammers are calling you. Also watch your credit report, you know, credit usage, things like that.
Definitely freeze your credit report, because if they do have your Social Security number, you know, bad things can happen to you.
So definitely watch those on your personal side.
And on the business side, what can we do?
So we can require monitoring of our partner systems.
I'm talking here, uh, monitoring of cloud accounts.
So for example, if there's data that's being hosted, or being stored on cloud storage, definitely demand that your partners give you some of those reports on how they're securing, and if a breach happens on their side to report to you right away.
Uh, for disclosure as well as identities.
What is their identity program?
How are they managing their IAM both in the cloud and on-prem?
How, what are, what types of things are they doing?
Do they have zero trust authorization platforms like StrongDM?
And, you know, I'm gonna plug StrongDM of course, but what types of, what types of controls, what types of monitoring are they doing for both their, their systems and their identities?
Again, implement modern access management, continuous authorization of sensitive data, and access to sensitive data, access to those databases, those processing, compute clusters like Kubernetes, et cetera.
So definitely demand those and ask for those and ask for some of that reporting.
All right, so that's been another episode of John Has Trust Issues, and this episode was sponsored by StrongDM, your Modern Access and Modern Authorization, continuous modern authorization platform.
Thank you for watching and have a great day.