In a recent regulatory filing, AT&T disclosed that a hacker managed to steal call and text records for nearly all its customers. The company initiated an investigation after discovering on April 19 that an unauthorized individual claimed to have accessed and copied AT&T call logs. This breach was reported to the U.S. Securities and Exchange Commission (SEC).
The unauthorized access occurred on a third-party cloud platform used by AT&T, allowing the hacker to exfiltrate files containing customer interactions from May 1 to October 31, 2022. Additionally, data for a small number of customers was compromised on January 2, 2023, according to a separate company release.
The breach affects not only AT&T’s cellular customers but also those using mobile virtual network operators (MVNOs) that rely on AT&T’s wireless network, as well as landline customers who interacted with those cellular numbers. The compromised data includes details such as telephone numbers involved in the interactions, the count of those interactions, and aggregate call durations. Importantly, the content of the calls and texts was not accessed, nor were personal identifiers like Social Security numbers or birthdates.
While the stolen data does not include customer names, AT&T acknowledged that names could potentially be matched to specific telephone numbers through publicly available online tools. The company emphasized that it has engaged leading cybersecurity experts to thoroughly investigate the breach and understand its full scope. They also stated that they have secured the point of unlawful access to prevent further breaches.
One individual has already been arrested in connection with the incident, and AT&T continues to cooperate with law enforcement to apprehend others involved. This breach is the latest in a series of challenges for the company, coming on the heels of a March data breach that exposed 73 million accounts on the dark web. Additionally, AT&T has faced significant service disruptions, including a 10-hour network outage in February and another incident in June.
The repeated breaches and service issues underscore the importance of robust cybersecurity measures. For AT&T customers, the breach serves as a stark reminder of the potential risks associated with the storage and management of their data by telecommunications providers. The company’s response and future actions will be closely monitored by both customers and regulators.
This incident highlights the critical need for companies to enhance their cybersecurity protocols to protect consumer data. The repercussions of such breaches extend beyond immediate data loss, affecting customer trust and the overall reputation of the company involved.
