U.S. senators are Watch The Butcher, the Chef, and the Swordsman Onlinestarkly questioning AT&T's data storage practices after a serious data breach.

Sens. Richard Blumenthal (D-Conn.) and Josh Hawley (R-Mo.) — the chair and ranking member of the Senate Judiciary Subcommittee on Privacy, Technology, and the Law — wrote letters questioning the telecom giant and its practice of storing call and text records with a third-party platform called Snowflake.

The lawmakers demanded more info regarding the hack in which the company said "nearly all" text and phone records were stolen in mid-to-late 2022. The letters demanded answers from the CEOs of both AT&T and Snowflake.

AT&T's security practices face scrutiny

"Why had AT&T retained months of detailed records of customer communication for an extended amount of time and why had AT&T uploaded that sensitive information onto a third party analytics platform?" the senators asked. "What is AT&T policy, including timelines, concerning retaining and using such information?"

Blumenthal and Hawley also pressed the fact other Snowflake clients — such as Ticketmaster, Advance Auto Parts, and Santander Bank — have announced breaches of information hosted by the company. The lawmakers suggested the AT&T breach was a result of basic cybersecurity failures, centering on malware infections and passwords that had gone unchanged for years.

"Disturbingly, the AT&T breach appears to have been easily preventable," the senators wrote.

• T-Mobile, AT&T, and Verizon were all tested for speed. Which one won?
• AT&T reportedly paid hacker $370,000 to delete stolen customer data
• Hackers cause EA to postpone Apex Legends pro gamer tournament
• Can hackers get into your Google account without a password?
• AT&T resets millions of passcodes after data leak

Not long after the news of the breach broke, it was reported that AT&T had actually paid a hacker roughly $370,000 to delete the stolen information — though that does not actually guarantee the data is actually fully gone.