Hacker News new | ask | show | jobs
by smcin 705 days ago
- [EDIT: I confused the details of this AT&T breach with the other (2019) one disclosed on 3/2024: 77m AT&T/MVNO customers, 90% of them former customers]. This one is 110m customers, presumably all their current customerbase. But it's still unlikely this is "internal analytics" (for telco business-case) given the timestamps were removed but location data included.

- Yes about Snowflake's cloud telco unit explicitly marketing the fact that telco data contains location. See my updated post: https://news.ycombinator.com/item?id=40949640
1 comments
hanspeter 705 days ago
Why would the removed timestamps make the data have no value for internal analytics?

It's possible they were operating from a privacy first principle and storing only the exact data they needed for a specific internal objective.

link
smcin 705 days ago
I pointed out previously that the logs contained unobscured phone numbers, so no privacy. You can deanonymize just by reverse-searching the phone number in data broker datasets. They also included the location data for each call/text. Yet no datestamp. That's weird.

As to who would be the end-user for the social graph of 110m users with location data but without dates and times, show us any use-case that's telco-related (not even spam prevention). It's not going to be. You'd want timestamps to disambiguate who are they contacting at work, at home, on their commute, at weekends, etc. So without that it'll be more like alternate credit scoring, surveillance, national-security. And why was Snowflake so eager to promote industries building business models on users' location data? For growth, sure, but who is this mystery industry sector that suddenly sprang up at the same time as GPT-4?

link
smcin 705 days ago
More corroboration from another commenter on TechCrunch: https://techcrunch.com/2024/07/12/att-phone-records-stolen-d...

> [Eric Scott] AT&T was using the data to build a social graph. They didn't record the date and time because they didn't need it.

That isn't "internal analytics". The end-customers who would be buying that aren't telcos. Like I said.

link