AT&T Wireless Data Breach: A Wake-Up Call to Strengthen Cloud Security and Trust
In what seems to be a year of endless cybersecurity incidents making headlines, AT&T Wireless is one of the latest organizations to confirm that it has suffered a significant data breach. The company admitted in July that the call and text logs of 109 million of its wireless customers were illegally obtained from the cloud of a third-party carrier, Snowflake. The stolen data included all of the numbers with which AT&T Wireless customers communicated via calls or texts, along with the locations of cell sites. AT&T disclosed in a filing with the Securities and Exchange Commission (SEC) that an internal investigation uncovered the data breach in April.
Data security is directly related to building trust. What lessons can we learn from the AT& Wireless data breach as we look to strengthen our cloud security?
Thales’ global leader in data security.
Beyond a legal requirement
This recent third-party breach is a reminder that compliance with cybersecurity standards is not just a legal requirement, but a fundamental requirement for protecting all sensitive data. In fact, Thales’ most recent Data Threat Report found that companies that failed compliance checks were ten times more likely to suffer a data breach than those that did. Specifically, 84% of those companies reported a history of breaches, with 31% reporting a breach in the past 12 months. The correlation is clear: compliance goes hand in hand with robust cybersecurity.
Rather than viewing compliance as a box-ticking exercise that can be completed annually, companies with truly robust security will continually evaluate their security posture. That way, they can regularly assess and audit their defenses and adjust the way they authenticate their systems and data accordingly—not only in line with new compliance, but also in response to evolving threats.
Think beyond yourself: the supply chain
No business operates in a silo – they rely on contractors, suppliers, and vendors across different departments to function. But this interdependence also means that a host of other stakeholders are connected to the company’s network in some way. This means that even if your own security measures are robust, third-party vulnerabilities within the supply chain can leave you short if malicious actors use them as a gateway to gain access to you. In fact, this is exactly what happened in the case of AT&T Wireless, where the breach was that of a third-party software.
In addition to strict access controls to segment access to sensitive data, suppliers should also be assessed on their own security. Mandating cybersecurity compliance helps you get a clear picture of whether stakeholders have implemented the required measures and can be considered a trusted supplier. The security of those in the supply chain should also be considered when conducting business risk assessments, monitoring threats, and running tabletop exercises to simulate attacks.
Understand your data
Understanding the data that resides in your network, in this case phone numbers, may seem like a simple step, but it is essential to truly understanding the risk landscape.
It’s a good idea to first perform an audit to understand what data you have, where it resides, and what protections are in place to protect it. From there, you can classify assets based on their risk status, assess any current vulnerabilities and potential risks, and address weaknesses in your data protection mechanisms.
Prioritize robust defenses and proactive monitoring
Strong encryption, regular software updates, multi-factor authentication (MFA), and an identity management system are just some of the fundamental measures organizations should take to reduce the risk of breaches and leaks. And worryingly, fewer than 10% of enterprises said they encrypted 80% or more of their sensitive cloud data, highlighting the importance of widespread encryption for data at rest or in transit. But strong defenses are only part of the solution.
Because human error is a major factor in cloud data breaches, continuous behavioral or postural monitoring is another fundamental line of defense you can take if a threat actor obtains credentials. This proactive approach automates the detection of non-compliant, risky, or suspicious data access behavior to defend against intrusions.
Safety by Design
Cyber threats are constantly evolving, and the only way organizations can stay ahead of the curve is by taking a security-by-design approach to cybersecurity, where security is built into every phase of system development. This proactive stance ensures that vulnerabilities are addressed from the start, reducing the chance of exploitation, rather than building new controls into outdated software and hardware.
This approach should be part of a broader security-in-depth strategy, which includes multiple layers of security measures such as MFA, encryption, and continuous monitoring to provide an additional layer of protection. Relying on a single point of failure is dangerous for any business protecting critical information. Instead, organizations should diversify their defenses so that multiple points of failure must be compromised before a malicious actor gains access.
Final thoughts
We’re seeing a dramatic increase in companies having their sensitive data targeted. AT&T Wireless joins a growing list of large enterprises that have suffered cybersecurity breaches in recent years—and sadly, they won’t be the last. But we’re at a crossroads where we can take action to reduce the chances. Approaches must be multifaceted, proactive, and constantly evolving.
And there’s good reason to take action now – beyond the financial implications of such breaches, or the loss of valuable IP, the damage to reputation and loss of customer trust cannot be underestimated. While security can enable companies to build that consumer trust, examples like the AT&T breach show how easily trust can be broken and reputations damaged.
We provide an overview of the best patch management software.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we showcase the best and brightest minds in the technology sector today. The views expressed here are those of the author and do not necessarily represent those of TechRadarPro or Future plc. If you’re interested in contributing, you can read more here: