An error from a third-party contractor has led to a massive data breach where personal information of hundreds of thousands of AT&T, Verizon, and T-Mobile subscribers was exposed on unprotected public cloud servers. According to a TechCrunch report, around 261,300 documents were exposed on the server hosted by Amazon Web Services (AWS).
The leaked information included phone bills, subscriber name, address, phone numbers, call histories, bank statements, screengrabs of usernames, passwords, and PIN numbers.
The incident came into light after the penetration testing company, Fidus Information Security, discovered that a marketing agency Deardorff Communications, one of the contractors of the telecom company, [Sprint], collected the documents of Sprint’s customers and stored them on AWS buckets without proper password protection.
The bucket was only secured after Fidus Information Security notified Amazon, which then informed Jeff Deardorff, the president of Deardorff Communications.
“The contractor collected the subscriber’s data as part of a marketing effort to persuade rival company’s customers to switch to Sprint,” said Jeff Deardorff, in a media statement. “I have launched an internal investigation to determine the root cause of this issue, and we are also reviewing our policies and procedures to make sure something like this doesn’t happen again,” Deardorff added.
Both the telecom companies, AT&T and T-Mobile, have been marred by several security incidents in the recent past.
According to the United States Department of Justice (DOJ), Muhammad Fahd, a recruiter in AT&T, was arrested in Hong Kong on February 4, 2018, for committing unauthorized access. The DOJ declared that Fahd has employed several paid insiders and provided them with credentials to inject malware.
Apart from that, recently, T-Mobile’s cybersecurity team detected a malicious attack by hackers that gave them unauthorized access to customer information. The company stated that none of the customers’ financial information, social security number (SSN), and passwords were compromised.