U.S. cell phone service provider AT&T has disclosed a significant data breach. The breach involves the call and text message records of nearly all its customers over a six-month period last year. This incident has affected tens of millions of people, given AT&T’s substantial subscriber base.
During the breach period, AT&T had approximately 110 million subscribers. The breach also impacts customers of wireless providers using AT&T’s network and AT&T landline customers who called those cell numbers.
Timeline of the Breach
The data breach occurred between May and October 2022. Additionally, a small number of customers were affected on January 2, 2023. In a Friday morning Form 8-K filing with the SEC, AT&T disclosed that the stolen data includes call and text records for nearly all AT&T mobile customers and customers of mobile virtual network operators (MVNOs) from May 1 to October 31, 2022, and on January 2, 2023.
Upon discovery, AT&T launched an investigation and engaged leading cybersecurity experts to understand the scope of the criminal activity. The company has taken steps to close the illegal access point and is working with law enforcement to apprehend those involved.
Details of the Exposed Data
The breach exposed several types of information:
- Phone numbers of cellular customers
- Phone numbers of customers of wireless providers using AT&T’s network
- Phone numbers of landline customers who called AT&T cell numbers
- Number of interactions
- Call duration
However, AT&T confirmed that the content of calls and texts, Social Security numbers, dates of birth, and personally identifiable information were not exposed.
Implications for Affected Customers
Although the content of calls and texts was not leaked, the exposure of phone numbers and call durations can still be concerning. It is relatively easy to associate a phone number with a particular individual, which can be problematic for those who value their privacy.
AT&T has stated that they do not believe the data is still publicly available. They plan to notify affected customers and provide resources to protect their information.
This is not the first data breach AT&T has experienced. In March, the company revealed that the personal information of approximately 73 million customers had been leaked onto the dark web. AT&T assures that the current breach is separate and not related to the previous incident.
Despite the relief that the contents of calls and texts were not stolen, the breach is still nerve-wracking given the amount of information stored on our phones.
Steps Taken by AT&T
AT&T is collaborating with law enforcement to apprehend those involved in the data breach and has confirmed that at least one individual has been arrested.
The company has enhanced its cybersecurity measures to prevent future unauthorized access attempts and will soon notify current and former customers affected by the incident.
AT&T has taken several measures to address the breach:
- Closing the illegal access point
- Engaging cybersecurity experts
- Working with law enforcement
- Notifying affected customers
- Providing protective resources
These steps aim to mitigate the impact of the breach and prevent future incidents.
In the meantime, AT&T customers can visit the FAQ page to check if their phone number’s data was exposed and to download the associated stolen data.
Currently, AT&T reports no evidence that the accessed data has been publicly disclosed and clarifies that this incident is unrelated to the 2021 data breach that affected 51 million customers.
