'Nearly all' AT&T customers' data stolen in huge breach

AT&T issued a Friday press release that stated "nearly all" of its customers' call and text records were stolen in a massive data breach.

According to the telecommunication company, the sensitive information was "illegally downloaded from our workspace on a third-party cloud platform." It noted that it has launched an investigation into the incident, partnering with "leading cybersecurity experts to understand the nature and scope of the criminal activity."

'Incredibly sensitive pieces of personal information.'

AT&T said that it believes at least one individual involved in the breach has already been apprehended by law enforcement, but it continues to work with authorities to arrest all of those responsible and "close off the illegal access point."

The company's investigation has so far determined that the hackers swiped the call and text records of "nearly all of AT&T's cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T's wireless network, as well as AT&T's landline customers who interacted with those cellular numbers between May 1, 2022 - October 31, 2022."

"The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included," AT&T shared in its press release.

The company noted that the stolen data does not include the content of its customers' calls or texts. Hackers also did not obtain any personally identifiable information, including Social Security numbers or dates of birth. Additionally, the data breach did not include usage details, such as call and text time stamps, it noted.

"While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number," AT&T added. "At this time, we do not believe that the data is publicly available."

According to a May Securities and Exchange Commission filing, the telecommunications company learned about the data breach on April 19, 2024, stating that a "threat actor claimed to have unlawfully accessed and copied AT&T call logs."

The SEC filing stated that the Department of Justice previously advised AT&T to "delay" informing the public about the discovery, pursuant to Item 1.05(c) of Form 8-K.

NBC News reported that the DOJ and the FBI are working with AT&T to investigate the incident. The Federal Communications Commission launched its own investigation.

Thomas Rid, a professor of strategic studies and the director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University, told the news outlet, "If you have somebody's metadata, you know when they go to work, where they go to work, where they sleep every night."

In a statement to NBC News, John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab, said, "These are incredibly sensitive pieces of personal information and, when taken together at the scale of information that appears to be included in this AT&T breach, they presetent a massive NSA-like window into Americans' activity."

Like Blaze News? Bypass the censors, sign up for our newsletters, and get stories like this direct to your inbox. Sign up here!