📰 AT&T involved in One of the Largest Data Breaches | Tuesday Times | July 16, 2024

josem.serrano

What is Tuesday Times?

Tuesday Times is a weekly Tuesday series where we highlight a handful of recent cybersecurity-related news stories. We'll provide brief summaries of these news stories and link the articles directly, should you want to read more!

Feel free to comment on any of the articles highlighted, or share your own in the comments below!

AT&T Involved in One of the Largest Data Breaches | Tuesday Times | July 16, 2024

What AT&T Customers Need to Know About the Massive Hack, Data Breach

• We typically don't use data breach stories as our main headlines. However, since this breach involves AT&T, one of the world's largest telecommunications companies, and "almost" all of their users, we figured we could make an exception.
• AT&T has publicly confirmed the breach occurred sometime in April of this year and consists of "phone call and text message records of nearly all of AT&T cellular customers from May 1, 2022, to October 31, 2022, as well as on January 2, 2023."
• Luckily, AT&T has stated that the breached data was never publicly leaked and doesn't contain information like Social Security numbers or birth dates. If you're an AT&T customer, we highly suggest checking out their official support site to learn more about what you can do.

Disney’s Internal Slack Breached? NullBulge Leaks 1.1 TiB of Data

• Data breach stories have been recurring in Tuesday Times posts, partially because they deal with cybersecurity and highlight the importance of being as proactive and compliant as possible, but also to show that even the largest companies in the world, like Disney, are still vulnerable.
• While not officially verified, on July 12, 2024, a hacker group named NullBulge claimed to have breached Disney's internal Slack communication and downloaded "anything we could get our hands on." The leaked data allegedly includes “almost 10,000 channels, every message and file possible, unreleased projects, raw images, code, logins, links to internal API/web pages, and more!”
• It is important to note that this data breach has yet to be confirmed by Disney themselves. An update will be posted once this leak has been confirmed and what this means for all of you Disney+ users.

CISA Broke Into a US federal Agency, and No One Noticed for a Full 5 Months

• The US Cybersecurity and Infrastructure Security Agency (CISA) breached an unnamed federal organization in an exercise to provide a full assessment of the organization's security measures and compliance workflows. They initially gained access by exploiting a known vulnerability in the organization's Oracle Solaris enclave, and the story worsens from there.
• CISA then notified the agency of the issues, and after taking two weeks to "apply the patch" to the system, the agency failed to investigate the incident thoroughly. The team had purposely left breadcrumbs that would have led the agency to a full incident response, and if that wasn't bad enough, they later gained access to a more sensitive portion of the servers via phishing attacks.
• Lastly, the team then found "unsecured admin credentials" which led to a "full domain compromise" that essentially ended the assessment. All-in-all, if a government agency isn't immune to being hacked, what makes you think your company is?