In what seems like a year of seemingly endless headline-grabbing cybersecurity incidents, AT&T Wireless is one of the latest companies to confirm it was affected by a major data breach. The company admitted in July that the call and text records of 109 million of its wireless customers were improperly obtained from a third-party cloud provider, Snowflake. The stolen records include all the numbers that AT&T Wireless customers interacted with through calls or texts, along with the locations of their mobile phone locations. AT&T revealed in a filing with the Securities and Exchange Commission (SEC) that an internal investigation uncovered the data theft in April.
Since data security is directly linked to building trust, what are some lessons we can learn from the AT&Wireless breach as we look to strengthen our cloud security defenses?
Thales is the world leader in data security.
Beyond Regulatory Requirements
This latest third-party breach is a reminder that cybersecurity compliance is not just a regulatory requirement, but a fundamental requirement for protecting all sensitive data. In fact, the latest Thales Data Threat Report found that companies that fail compliance tests were ten times more likely to suffer a data breach than those that passed. Specifically, 84% of these companies reported a history of a breach, with 31% saying they had suffered a breach in the past 12 months. The connection is clear: compliance goes hand in hand with strong cybersecurity.
Rather than viewing compliance as an exercise that can be completed annually, companies with truly strong security will assess their security posture on an ongoing basis. This way, they can regularly assess and review their defenses and change how they authenticate their systems and data accordingly—not just in line with new compliance, but also in response to evolving threats.
Think Outside Yourself: Supply Chain
No company operates in a silo—it relies on contractors, suppliers, and vendors across different departments to function. But this interconnectedness also means that a host of other stakeholders are somehow connected to the company’s network. This means that even if your security measures are strong, third-party vulnerabilities within your supply chain could be where you fail if bad actors use them as a gateway to you. In fact, that’s exactly what happened in the case of AT&T Wireless, where the breach involved third-party software.
In addition to strict access management to segment access to sensitive data, suppliers should also be evaluated on their own security. Enforcing cybersecurity compliance will help you get a clear picture of whether stakeholders have taken the required measures, and whether they can be considered a reliable supplier. The security of those in the supply chain should also be considered when conducting business risk assessments, when monitoring threats, and when conducting desktop exercises to simulate attacks.
Understanding your data
Understanding the data in your network, such as phone numbers in this case, may seem like a basic step, but it is essential to truly understanding the risk landscape.
It’s wise to first conduct an audit to see what data you have in your care, where it is, and what protections are in place to protect it. From there, you can categorize assets based on their risk status, assess any current vulnerabilities and potential risks, and address weaknesses in your data protection mechanisms.
Prioritize strong defenses and proactive monitoring.
Strong encryption, regular software updates, multi-factor authentication, and identity management are just some of the basic measures organizations need to take to mitigate the risk of breaches and leaks. Alarmingly, less than 10% of organizations said they encrypted 80% or more of their sensitive cloud data, highlighting the importance of broad encryption of data at rest and in transit. But having strong defenses in place is only one part of the solution.
Since human error is one of the leading causes of cloud data breaches, continuous behavioral or situational monitoring is another essential line of defense to take in the event that a threat actor obtains credentials. This proactive approach will automate the detection of incompatible, risky, or suspicious data access behavior, providing protection against breaches.
Security by design
Cyber ​​threats are constantly evolving, and the only way organizations can stay ahead is to adopt a security-by-design approach to cybersecurity, where security is integrated into every stage of system development. This proactive stance ensures that vulnerabilities are addressed from the start, reducing the likelihood of exploitation, rather than retrofitting new measures into legacy software and hardware.
This approach should be part of a broader security strategy, which includes multiple layers of security measures such as two-factor authentication, encryption, and continuous monitoring to provide an additional layer of protection. Relying on a single point of failure is dangerous for any company protecting critical information. Instead, organizations should diversify their defenses so that multiple points of failure must be compromised for a bad actor to gain access.
Final Thoughts
We are seeing a dramatic increase in the number of companies being targeted for their sensitive data. AT&T Wireless joins a growing list of major companies that have faced cybersecurity breaches over the past few years—and sadly, it won’t be the last. But we have reached a point where there are practical steps to take to mitigate these opportunities. Approaches must be multifaceted, proactive, and constantly evolving.
There are good reasons to act now—beyond the financial consequences of such breaches, or the loss of valuable intellectual property, the damage to reputation and loss of customer trust should not be underestimated. While security can enable companies to build customer trust, cases like the AT&T breach show how easily trust can be broken, and reputations damaged.
We list the best patch management software.
This article was produced as part of TechRadarPro’s Expert Insights channel where we highlight the best and brightest minds in today’s technology industry. The views expressed here are those of the author and do not necessarily reflect the views of TechRadarPro or Future plc. If you’re interested in contributing, learn more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
