/cdn.vox-cdn.com/uploads/chorus_asset/file/24785179/STK158_ATT_02.jpg?w=932&resize=932,640&ssl=1)
ATT revealed on Friday morning that a cybersecurity attack exposed call and text logs for “nearly all” of the carrier’s cellular customers (including people at mobile virtual network operators, or MVNOs, that use AT&T’s network, such as Cricket, Boost Mobile, and Consumer cellular). The breach occurred during the period between May 1, 2022 and October 31, 2022, in addition to an incident that impacted a “very small number” of customers on January 2, 2023.
AT&T spokesperson Alex Byers confirmed On the edge the threat actor accessed the information through the company’s account on a third-party cloud platform, Snowflake, similar to the data breaches that affected Ticketmaster and Banco Santander. AT&T first learned of the breach in April, but as reported by TechCrunchan FBI spokesperson confirmed that “AT&T, the FBI and the Department of Justice agreed to delay notification to the public and customers on two occasions, citing ‘potential risks to national security and/or public safety.’”
The stolen data includes which phone numbers customers interacted with, and Byers says On the edge that the breach also includes “counts of such calls/text messages and total call durations on specific days or months.”
Downloaded data does not include the content of calls or text messages. It does not have timestamps for calls or texts. It also does not contain details such as Social Security numbers, dates of birth or other personally identifiable information.
Although the data does not include customer names, there are often ways to find a name associated with a phone number using publicly available online tools.
In a blog post, AT&T said “we do not believe the data is publicly available” and that it “has taken steps to close the illegal access point.” The company is working with authorities to “arrest those involved” and claims that one person has already been detained.
“We will provide notice to current and former customers whose information was involved, along with resources to help protect their information,” AT&T writes. “We sincerely regret that this incident occurred and remain committed to protecting the information in our care.”
