AT&T Data Breach Exposes Call and Text Data of Nearly All Cellular Customers
In a recent announcement, AT&T revealed a significant data breach affecting nearly all of its cellular customers. Hackers managed to steal 2022 data from the company's workspace on a third-party cloud platform. This breach, which occurred in April, was disclosed in a regulatory filing and press release last Friday morning. AT&T has since taken additional cybersecurity measures to close off the point of unlawful access.
Scope of the Breach
The stolen data comprises records of phone calls and text messages from May to October 2022, along with a smaller subset from January 2, 2023. While the information taken is described as "aggregated metadata" and does not include the content of the calls and texts, it does contain details such as the numbers contacted, the number of interactions, and the total call durations. Additionally, some records include cell site ID numbers associated with the interactions. Importantly, the data does not include customer names, birthdays, social security numbers, or other personally identifiable information. However, AT&T warns that it is possible to determine a name associated with a specific telephone number using publicly available tools.
Timeline and Investigation
AT&T first learned of the breach in April, but public disclosure was delayed until now by the U.S. Justice Department to support its investigation. The Justice Department has confirmed its ongoing efforts to investigate the incident and has praised AT&T for its cooperation and timely notification to the FBI. AT&T's investigation identified that multiple "threat actors" were responsible for the breach. The company is working with law enforcement to apprehend the perpetrators, and at least one individual has been arrested so far.
Customer Notifications and Protective Measures
AT&T is notifying affected users via text, email, or U.S. mail. A dedicated webpage has been set up for current and former customers to check if their information was involved. Affected customers can request details of the phone numbers included in the stolen data through an online process available until the end of this year.
For those concerned about potential phishing and online fraud, AT&T advises not replying to texts from unknown senders with personal details and ensuring websites are secure by looking for "https" in the web address. Customers suspecting suspicious text activity should forward the message to AT&T and report any suspected fraud on their AT&T wireless account to its team.
Previous Breaches and Broader Context
This breach is not the first incident AT&T has reported this year. In March, AT&T reset the passcodes of approximately 7.6 million users after discovering a dataset on the dark web containing Social Security numbers and other personal information of around 70 million current and former account holders. Additionally, in February, AT&T offered $5 compensation to certain customers affected by a nearly 12-hour nationwide outage.
Other major companies, including Verizon, Ticketmaster, Dell, and Bank of America, have also reported significant data breaches this year, affecting millions of people.
As data breaches become increasingly common, it is crucial for both companies and customers to remain vigilant and take proactive steps to safeguard sensitive information. AT&Tâs recent breach serves as a stark reminder of the importance of robust cybersecurity measures and the need for ongoing vigilance in the digital age.