US senators are seeking explanations from AT&T about why it stores extensive call and text message records on a third-party analytics platform known as the “AI Data Cloud.” Last week, AT&T revealed that customer data was illegally downloaded from its workspace on Snowflake, the third-party cloud service in question. The breach compromised call and text records of nearly all of AT&T’s cellular customers.
This incident places Snowflake, one of many affected corporate customers, under scrutiny. Senators Richard Blumenthal (D-Conn.) and Josh Hawley (R-Mo.) sent letters to both AT&T and Snowflake, questioning AT&T’s decision to retain and upload sensitive information to a third party.
The senators have asked AT&T CEO John Stankey to justify the extended storage of customer communication records and how Snowflake’s platform is employed by the company. AT&T’s communications to customers and the Securities and Exchange Commission have not shed sufficient light on these details.
Snowflake, which promotes its platform for its potential to enhance data collaboration and monetization, had previously highlighted AT&T as a successful case. AT&T’s Chief Data Officer Andy Markus lauded Snowflake’s role in improving operational efficiency and customer experience by replacing the company’s older on-premises systems.
According to AT&T’s statement to Ars Technica, the company uses “trusted” cloud services for tasks involving significant data amounts. Such services provide a centralized location for data analysis. The telecommunications giant said it utilizes historical customer data for network planning, capacity utilization, and developing new services.
The company, however, did not provide explicit details on its data retention policies, only stating that they are determined by factors such as the type of information, business needs, legal requirements, and ongoing litigation or government orders. Snowflake, when approached by Ars Technica, declined to give specific details but promised to address the senators’ inquiries directly.