AT&T, Ticketmaster breaches show hackers can attack from many angles

Savannah Sicurella | The Atlanta Journal-Constitution (TNS)

When cybercriminals stole five months of customers’ call logs from AT&T, they found an indirect path to attack the telecommunications giant’s data. They found an access point through a cloud computing vendor most customers had likely never heard of.

The same is true for the big Ticketmaster breach of credit card numbers and credentials that the company confirmed in May.

As the world has become increasingly digitized, the collection of personal data out there for hackers to steal has grown. Each person leaves a digital footprint as they use devices to communicate, shop, track their fitness, listen to music or upload a document to the cloud. And we all trust the platforms we’re using to safeguard it.

With a greater collection of data comes a greater risk of it becoming compromised. And the consequences of this are vast, for both consumers and companies.

But the recent hacks of AT&T and Ticketmaster show it’s not just the brands we use that need to keep our digital identities safe, but the web of companies they rely on to make a seamless digital world possible.

It’s a cat-and-mouse game, cybersecurity expert and Georgia Tech professor Mustaque Ahamad says. The relationship between companies storing data and the hackers that want to exploit it.

Hackers are nimble and constantly adapting, finding software vulnerabilities in existing security systems. Companies build up walls to try to catch them — encrypting data, implementing access controls and requiring multiple forms of verification. But one always outsmarts the other.

“We rely on the internet and all kinds of online services. We do need to be careful and cautious. It can be breached, and it’s not your fault,” said Ahamad. “You have to learn to stay safe in the online world. You’re not going to be able to avoid it.”

All of the data collected by companies has to go somewhere. Companies often do not have the resources to build and maintain their own internal systems to warehouse data, so they will outsource the task to third-parties.

Last week, AT&T announced that hackers obtained data on the calls and text messages of essentially all its customers over a period of at least five months. AT&T said the hackers downloaded the information in April of this year from its workspace on a third-party cloud platform the communications giant later identified as Snowflake.

The data includes digital traces of voice and text communications — the cell numbers that customers called or received calls from, numbers that AT&T customers had text exchanges with and the times in which such communications were made.

FOLLOW US ON GOOGLE NEWS

Read original article here

Denial of responsibility! Todays Chronic is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – todayschronic.com. The content will be deleted within 24 hours.

Leave a Comment