Subnostr

‚ AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).‘

https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers/

Reply to this note

Please Login to reply.

Discussion

MF_HODL 1y ago

Yes there was a TechCrunch article that went into some detail from this morning. They did not have MFA on their Snowflake data warehouse accounts.

This is absolutely basic level security shit for any organization. People responsible should go to prison.