Expert commentary: AT&T data breach
March 2023 by Marc Jacob
After the news that AT&T have alerted nine million customers of a data breach after vendor hack, Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity explain:
“Seeing AT&T experiencing a data breach involving a third-party company is a wakeup call for all businesses and highlights the need to revisit supply chains for security weak links. The fact that customer names, email addresses and phone numbers were amongst the leaked data, creates huge potential for tailored social engineering attacks and identity theft.
Sensitive information such as the customer data stolen in this attack is likely to be very valuable to organised criminals. Businesses of all sizes need to prioritise the security of critical and personal information, as you’re never too small or large to be a target. The key learning lesson here is making sure that not only are your own security processes up to scratch, but also that any third party dealing with sensitive data or accessing your network does so in the right way too.
To limit the impact of these attacks, businesses that hold private information should ensure they have clearly defined security policies and procedures to avoid any leak of information. This starts with employee education, which underscores all effective cyber resilience and data protection strategies. Security awareness training programmes can now inform and educate employees on the latest threats in real-time, including information security, social engineering, malware, and industry-specific compliance topics. Attack simulations can also be used to automatically send users for re-education should any training issues be identified.”