In a critical cyber security-related incident, AT&T revealed that hackers gained access to nearly all of its cellular customers’ call and text records for the six months of 2022. The breach, which occurred between 1 May and 31 October 2022, came to light on Friday through a regulatory filing by the company.
AT&T explained that although this data does contain call and text logs, it does not contain the actual calls or messages as well as sensitive personal data such as Social Security numbers and dates of birth. The very big telecommunications firm also mentioned that on January 2, 2023, only a “very small number” of customers had their data compromised.
The company learned of the illegal download in April and has been working with law enforcement since then. “At least one person has been apprehended,” AT&T said. The data identifies phone numbers that communicated with AT&T numbers during those periods. But AT&T added that “at this time, we do not believe that the data is publicly available.”
Unlike another incident revealed this year, hackers downloaded the personal information of millions of current and former AT&T customers and posted it on the dark web.
AT&T has agreed to notify affected customers by text message, e-mail, or United States mail. Customers can also log into their accounts to determine whether they were affected and request a more plain-language report on the technical information that was exposed. More information is available on a webpage that AT&T has set up, att.com/DataIncident.
As a result, although this was a breach, additional identity theft protection services are not offered by AT&T. It tells users to be more careful regarding phishing and smishing. These are ways in which the bad actors send emails or text messages purporting to be from a company but done so for the main purpose of eliciting private information. AT&T advises only opening messages from known contacts and visiting company websites directly, rather than clicking links in unsolicited messages.
Access was gained via a third-party data warehousing product called Snowflake, which has been in recent news for holding the stolen data of Ticketmaster. It gave rise to concerns over the security of third-party platforms used by key companies.
In an email, AT&T said it takes security seriously: “We hold ourselves to a high standard and commit to delivering the experience that you deserve. We constantly evaluate and enhance our security to address changing cybersecurity threats and work to create a secure environment for you.”
The company further took enhanced cybersecurity measures following the incident and noted that it did not materially impact operations or its financial condition. The U.S. Department of Justice had determined a delay in public disclosure was appropriate, hence the need for the recent announcement.
AT&T wants to reassure customers of security as an investigation into the breach is still underway and to award them protection from such cyber-attacks in the future.
More for you:
- AT&T says hackers accessed records of calls and texts for nearly all its cellular customers.
- Tens of millions of AT&T customers were impacted by a data breach.
- AT&T reports data hack with impact on millions of users.