On Friday, AT&T confirmed that a major data breach, first revealed in April, may have affected a vast number of its cellular customers. The company stated that the incident has exposed call and text logs for nearly all of its subscribers.
“In April, AT&T learned that customer data was illegally downloaded from our workspace on a third-party cloud platform,” the company said in a statement. “We launched an investigation and engaged leading cybersecurity experts to understand the nature and scope of the criminal activity. We have taken steps to close off the illegal access point.”
The breach reportedly includes records containing the call and text logs of AT&T's cellular subscribers from May 1, 2022, to October 31, 2022. At the end of 2022, AT&T had around 110 million wireless subscribers.
By the Numbers
While the exposed data does not include content from calls or texts or sensitive personal information such as Social Security numbers or dates of birth, the sheer scale of the breach is concerning.
“At this time, we do not believe that the data is publicly available,” AT&T assured in their statement. “We are working with law enforcement in its efforts to arrest those involved in the incident. We understand that at least one person has been apprehended.”
For customers seeking more information, AT&T has directed them to their dedicated webpage at att.com/DataIncident.
According to reports, AT&T disclosed over the weekend that the breach may have leaked personal information for approximately 7.6 million current customers and about 65.4 million former customers. This situation suggests a substantial vulnerability in their data protection protocols.
Roughly two weeks prior to the announcement, AT&T indicated that the data set was exposed on the “dark web.” The source of the leak remains unclear, whether it stemmed from AT&T directly or from a related vendor.
By the Numbers
The compromised data might contain crucial information including Social Security numbers, full names, phone numbers, AT&T account details, and email and postal addresses.
Impact and Legacy
“Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set,” the company emphasized. “The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable.”
AT&T also maintained that this breach has not significantly impacted the company’s operations to date. They further clarified that the compromised records seem to originate from accounts established in 2019 or earlier.
The leaks prompted attention from tech observers, including the account @vx-underground, which reported findings on the platform X. They claimed, “Today 70,000,000+ records from an unspecified division of AT&T were leaked onto Breached.” The account verified the authenticity of the stolen data, adding, “we can confirm the stolen data is legitimate.”
Earlier this year, AT&T faced a significant outage affecting about 75% of its customers. Following that incident, CEO John Stankey announced that impacted customers would receive a $5 credit to their account for the inconvenience.
As the investigation continues, the implications of this data breach will likely challenge AT&T's reputation for security and customer satisfaction. The ongoing legal inquiries and measures to secure customer data will play a crucial role in shaping the company's path forward.
