AT&T's Call Record Storage on Third-Party AI Data Cloud Raises Privacy Concerns

Senators press AT&T on why it stores call records on a third-party 'AI data cloud'

U.S. senators are starkly questioning AT&T's data storage practices after a serious data breach. Sens. Richard Blumenthal (D-Conn.) and Josh Hawley (R-Mo.) -- the chair and ranking member of the Senate Judiciary Subcommittee on Privacy, Technology, and the Law -- wrote letters questioning the telecom giant and its practice of storing call and text records with a third-party platform called Snowflake. The lawmakers demanded more info regarding the hack in which the company said "nearly all" text and phone records were stolen in mid-to-late 2022. The letters demanded answers from the CEOs of both AT&T and Snowflake. AT&T's security practices face scrutiny "Why had AT&T retained months of detailed records of customer communication for an extended amount of time and why had AT&T uploaded that sensitive information onto a third party analytics platform?" the senators asked. "What is AT&T policy, including timelines, concerning retaining and using such information?" Blumenthal and Hawley also pressed the fact other Snowflake clients -- such as Ticketmaster, Advance Auto Parts, and Santander Bank -- have announced breaches of information hosted by the company. The lawmakers suggested the AT&T breach was a result of basic cybersecurity failures, centering on malware infections and passwords that had gone unchanged for years. "Disturbingly, the AT&T breach appears to have been easily preventable," the senators wrote. Not long after the news of the breach broke, it was reported that AT&T had actually paid a hacker roughly $370,000 to delete the stolen information -- though that does not actually guarantee the data is actually fully gone.

Senators press AT&T on why it stores call records on a third-party 'AI data cloud'

U.S. senators are starkly questioning AT&T's data storage practices after a serious data breach. Sens. Richard Blumenthal (D-Conn.) and Josh Hawley (R-Mo.) -- the chair and ranking member of the Senate Judiciary Subcommittee on Privacy, Technology, and the Law -- wrote letters questioning the telecom giant and its practice of storing call and text records with a third-party platform called Snowflake. The lawmakers demanded more info regarding the hack in which the company said "nearly all" text and phone records were stolen in mid-to-late 2022. The letters demanded answers from the CEOs of both AT&T and Snowflake. AT&T's security practices face scrutiny "Why had AT&T retained months of detailed records of customer communication for an extended amount of time and why had AT&T uploaded that sensitive information onto a third party analytics platform?" the senators asked. "What is AT&T policy, including timelines, concerning retaining and using such information?" Blumenthal and Hawley also pressed the fact other Snowflake clients -- such as Ticketmaster, Advance Auto Parts, and Santander Bank -- have announced breaches of information hosted by the company. The lawmakers suggested the AT&T breach was a result of basic cybersecurity failures, centering on malware infections and passwords that had gone unchanged for years. "Disturbingly, the AT&T breach appears to have been easily preventable," the senators wrote. Not long after the news of the breach broke, it was reported that AT&T had actually paid a hacker roughly $370,000 to delete the stolen information -- though that does not actually guarantee the data is actually fully gone.