In April 2024, AT&T learned that its customer data had been exfiltrated from its Snowflake workspace. The breach affected 90 million or more customers’ call and text histories recorded during a six-month period in 2022.
The following is a press release from Senator Chuck Grassley:
BUTLER COUNTY, IOWA – U.S. Sen. Chuck Grassley (R-Iowa) is demanding records from AT&T and 17 federal agencies regarding the April 14-25, 2024, cyberattack on AT&T. The hack compromised AT&T customers’ call and text history between May 1 and October 31, 2022.
“Bad actors accessed 90 million Americans’ data, which potentially included federal agencies’ communications patterns. That’s a significant national security threat waiting in the wings. Congress ought to know exactly what outstanding vulnerabilities we’re dealing with, as well as how AT&T and the executive branch are actively mitigating future risks,” Grassley said of his inquiry.
Among other items, Grassley is questioning AT&T’s security protocols and efforts to strengthen them following the breach. He’s additionally asking agencies whether hackers gained access to government materials and why the public didn’t learn of the cyberattack until months after the fact.
At the corresponding links, find Grassley’s letters to:
- AT&T
- Department of Agriculture
- Department of Commerce
- Department of Defense
- Department of Education
- Department of Energy
- Department of Health and Human Services
- Department of Homeland Security
- Department of Housing and Urban Development
- Department of the Interior
- Department of Justice
- Department of Labor
- Department of State
- Department of Transportation
- Department of the Treasury
- Department of Veterans Affairs
- Executive Office of the President
- Federal Bureau of Investigation