Joining the dots on the facts so far, people don't seem to have grasped the apparent huge significance:
- guessing it was some GenAI startup looking into consumer tracking, alternate credit scoring, surveillance or other national-security use-case.
- Very unusually, the DOJ ordered two ~month-long "delay periods" in disclosure: ("The Justice Department determined on May 9 and again on June 5 that a delay in providing public disclosure was warranted"). Yet this didn't happen for Ticketmaster or MOVEit breaches revealed around the same time. "Cybersecurity delay period requests" is a new power quietly authorized by the DOJ+SEC+FBI, 18 Dec 2023 [0]. Note that [1] emphasizes this as "Corporate Alert - guidance for delay requests [on SEC 8-K]". Might Congress already have known/suspected, when it authorized the cybersecurity delay request powers, of the Snowflake/AT&T breach? Either way, whoever is involved seems to have very powerful friends. Also, the big FISA renewal vote was Apr 19 2024 [2].
- Seems the cloud instance was set up the same time GPT-4 was released (March 2023), also when Snowflake set up a Telco business unit [3] ("Location data... Alternate credit scoring, hyper-targeted marketing and more... an emerging trend of companies building partnerships with telecoms to power use cases across multiple industries"). This product is not aimed at the telcos' use-cases, but at new revenue streams. (Who might the unnamed Snowflake AI partner(s) be?)
- They set up the Snowflake instance with AT&T/MVNO customers with timestamps removed, but with location data, yet the phone numbers not obscured or removed. Doesn't sound like "internal analytics" or "competitor analysis". What sorts of end-users want to pay for the entire social-graph of 110m, regardless whether those customers never make a phone call again? [EDIT: I confused the details of this AT&T breach with the other (2019) one disclosed on 3/2024: 77m AT&T/MVNO customers, 90% of them former customers]
- guessing it was some GenAI startup looking into consumer tracking, alternate credit scoring, surveillance or other national-security use-case.
- Very unusually, the DOJ ordered two ~month-long "delay periods" in disclosure: ("The Justice Department determined on May 9 and again on June 5 that a delay in providing public disclosure was warranted"). Yet this didn't happen for Ticketmaster or MOVEit breaches revealed around the same time. "Cybersecurity delay period requests" is a new power quietly authorized by the DOJ+SEC+FBI, 18 Dec 2023 [0]. Note that [1] emphasizes this as "Corporate Alert - guidance for delay requests [on SEC 8-K]". Might Congress already have known/suspected, when it authorized the cybersecurity delay request powers, of the Snowflake/AT&T breach? Either way, whoever is involved seems to have very powerful friends. Also, the big FISA renewal vote was Apr 19 2024 [2].
- Seems the cloud instance was set up the same time GPT-4 was released (March 2023), also when Snowflake set up a Telco business unit [3] ("Location data... Alternate credit scoring, hyper-targeted marketing and more... an emerging trend of companies building partnerships with telecoms to power use cases across multiple industries"). This product is not aimed at the telcos' use-cases, but at new revenue streams. (Who might the unnamed Snowflake AI partner(s) be?)
- They set up the Snowflake instance with AT&T/MVNO customers with timestamps removed, but with location data, yet the phone numbers not obscured or removed. Doesn't sound like "internal analytics" or "competitor analysis". What sorts of end-users want to pay for the entire social-graph of 110m, regardless whether those customers never make a phone call again? [EDIT: I confused the details of this AT&T breach with the other (2019) one disclosed on 3/2024: 77m AT&T/MVNO customers, 90% of them former customers]
[0]: "FBI Guidance to Victims of Cyber Incidents on SEC Reporting Requirements: FBI Policy Notice Summary" https://www.fbi.gov/investigate/cyber/fbi-guidance-to-victim...
[1]: "US Corporate Alert - DOJ, FBI, and SEC provide guidance for delay requests relating to disclosure of cybersecurity incidents under form 8-K" https://www.klgates.com/DOJ-FBI-and-SEC-Provide-Guidance-for...
[2]: US House approves FISA renewal – warrantless surveillance and all https://news.ycombinator.com/item?id=40041784
[3]: Snowflake cloud Telco unit, 4/2023: "Unlocking the Value of Telecom Data: Why It’s Time to Act" https://www.snowflake.com/blog/telecom-data-partnerships/