AT&T data leak exposes customer records from a cloud vendor

Tens of millions of customer records, including passcodes and Social Security numbers, surfaced online after data stored with a third-party vendor leaked.

The incident reignited debates about shared responsibility between telecommunications providers and their extended supply chains.

Prevention playbook:

• Enforce contractual controls for data masking, encryption, and retention with every external processor.
• Adopt continuous discovery of exposed datasets on dark-web forums and paste sites.
• Mandate breach-notification SLAs and joint tabletop exercises with critical vendors.