Massive Data Breach: The call and text message records of tens of millions of AT&T cellphone customers, along with many non-AT&T customers, were exposed in a massive data breach occurring between mid-to-late 2022, the telecom company revealed on Friday. Despite the scope of the breach, AT&T assured that the content of calls and texts was not compromised.
Details of the Massive Data Breach
AT&T attributed the breach to an “illegal download” from a third-party cloud platform, discovered in April while dealing with an unrelated data leak. The exposed data includes phone numbers and records of calls and texts made between May 1, 2022, and October 31, 2022. The breach affected nearly all AT&T cellular customers and those of wireless providers using its network. Additionally, a small number of records from January 2, 2023, were also implicated. However, international calls, except to Canada, were not included.
Customer Information at Risk
The breach did not expose customer names directly, but AT&T acknowledged that publicly available tools could potentially link phone numbers to specific individuals. The stolen data also contained one or more cell site identification numbers for an undisclosed subset of records, which could reveal the broad geographic location of the parties involved.
Read this also: Intuit Announces Strategic Workforce Changes: 10% Layoffs and Expansion Plans
AT&T’s Response on Massive Data Breach
AT&T stated, “At this time, we do not believe that the data is publicly available. We sincerely regret this incident occurred and remain committed to protecting the information in our care.” The company promised to notify affected current and former customers and provide resources to protect their information.
Content and Personal Information Not Compromised
Although the breach exposed phone and text records, it did not include the content of the calls or texts, nor did it contain sensitive personal information such as Social Security numbers, dates of birth, or other personally identifiable details. Usage details like the time of calls and text messages were also not compromised.
Discovery and Investigation
AT&T learned of the breach on April 19 when a “threat actor claimed to have unlawfully accessed and copied AT&T call logs.” The company immediately hired experts, and an investigation revealed that hackers exfiltrated files between April 14 and April 25. The U.S. Department of Justice determined that delaying public disclosure was warranted, and the FBI reviewed the data for potential national security risks.
Market Reaction and Company Statements
Massive Data Breach: Following the news, AT&T shares fell 2% in premarket trading. AT&T spokesperson Alex Byers emphasized that this new incident is unrelated to a previous breach disclosed in March, where personal information of 73 million customers was released onto the dark web. In this incident, AT&T discovered in April that customer data was illegally downloaded from its workspace on Snowflake, a third-party cloud platform.
Brad Jones, Chief Information Security Officer at Snowflake, stated that there was no evidence that the activity resulted from a vulnerability, misconfiguration, or breach of Snowflake’s platform. AT&T has since launched an investigation, hired cybersecurity experts, and closed the “illegal access point.” The company is cooperating with law enforcement, and at least one person has been arrested.
Commitment to Customer Security
AT&T remains committed to safeguarding customer information and is taking all necessary steps to prevent future breaches. The company is working closely with law enforcement to apprehend those responsible for the breach.