On Friday, AT&T released a statement indicating that a substantial data breach resulted in the theft of “nearly all” call and text records belonging to its customers.
According to the telecommunication company, the sensitive information was “illegally downloaded from our workspace on a third-party cloud platform.”
It noted that it has launched an investigation into the incident, partnering with “leading cybersecurity experts to understand the nature and scope of the criminal activity.”
‘Incredibly sensitive pieces of personal information.’
AT&T said that it believes at least one individual involved in the breach has already been apprehended by law enforcement, but it continues to work with authorities to arrest all of those responsible and “close off the illegal access point.”
The company’s investigation has so far determined that the hackers swiped the call and text records of “nearly all of AT&T’s cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network, as well as AT&T’s landline customers who interacted with those cellular numbers between May 1, 2022 – October 31, 2022.”
“The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included,” AT&T shared in its press release.
The company confirmed that the stolen data does not comprise its customers’ call or text content, and there was no access to personally identifiable information like Social Security numbers or dates of birth by the hackers. Furthermore, usage details such as call and text time stamps were not part of the data breach, as stated.
“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” AT&T added. “At this time, we do not believe that the data is publicly available.”
In a filing with the Securities and Exchange Commission in May, it was revealed that the telecommunications company became aware of a data breach on April 19, 2024. The company stated that a “threat actor” had unlawfully gained access to and copied AT&T call logs.
The SEC filing also mentioned that the Department of Justice had instructed AT&T to hold off on disclosing this information to the public in accordance with Item 1.05(c) of Form 8-K.
NBC News reported that both the DOJ and the FBI are collaborating with AT&T to look into the incident, while the Federal Communications Commission has initiated its own investigation.
Thomas Rid, a professor of strategic studies and the director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University, told the news outlet, “If you have somebody’s metadata, you know when they go to work, where they go to work, where they sleep every night.”
In a statement to NBC News, John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, said, “These are incredibly sensitive pieces of personal information and, when taken together at the scale of information that appears to be included in this AT&T breach, they presetent a massive NSA-like window into Americans’ activity.”
ICYMI: Rising Beef Prices Means Large Food Producers Are Importing More Foreign Cattle