A recent regulatory filing revealed a significant data breach at AT&T, impacting “nearly all” of its wireless customers. This breach, occurring in 2022, exposed call and text message records. Thankfully, the breach did not include the actual content of those calls or texts. However, the scale means tens of millions of customers might be affected.
Between April 14 and April 25, 2022, hackers accessed the data. Another breach occurred for a single day in January 2023. While personal information like names or social security numbers remained secure, the compromised data included call and text records.
In response to the breach, AT&T stated, “At this time, we do not believe that the data is publicly available. We sincerely regret this incident occurred and remain committed to protecting the information in our care.”
According to the company, the breach impacted nearly all of its approximately 100 million wireless customers. Additionally, mobile virtual network operators using AT&T’s network and some landline customers interacting with affected mobile numbers from May to October 2022 might also be affected.
Investigations began on April 19, when AT&T mentioned that a “threat actor claimed to have unlawfully accessed and copied AT&T call logs.” The company’s delay in informing customers reportedly stemmed from instructions from the US Department of Justice, which advised a delay in public disclosure.
Details on how the breach occurred remain unclear. However, AT&T pointed to customer data being illegally downloaded from its workspace on Snowflake, a third-party cloud platform. Snowflake refuted this claim, stating their investigation found no evidence of a vulnerability or breach within their platform.
Efforts to identify and apprehend the perpetrators are ongoing. One individual has already been taken into custody in connection with the investigation.