- AT&T announced that some miscreants managed to illegally download the call and text records of 109 million AT&T users on a third-party cloud platform.
- The attack was first discovered in April this year, but the company didn’t make a public announcement then on the advice of the authorities.
- Investigation is ongoing and at least one arrest has already been made. Meanwhile, AT&T is doing its best to step up internal security.
- The company has also promised to notify all former and current customers who have been caught up in this unfortunate incident and provide them with all the resources they’ll need to keep their data safe.
AT&T customers have been hit by yet another data breach. The telecommunications company announced that data of more than 109 million customer accounts has been compromised, which is nearly all of its users.
This includes all call records and texts between May 2022 and October 2022 and affects almost all of AT&T’s cellular and AT&T’s landline customers.
In addition to that, the miscreants also stole call records from January 2, 2023. This one, however, affects only a small number of customers.
The only silver lining in this case is that the content of the calls and texts has not been leaked. The threat actors have also not managed to get their hands on personal information such as social security numbers, addresses, or dates of birth of the customers.
According to reports, the names of the customers will also remain anonymous—unless, of course, the miscreants used a third-party tool to divulge their identities.
What Is AT&T Doing about the Attack?
AT&T first discovered the attack in April (between April 14 and April 25, to be precise) this year, when it realized that a huge chunk of its customers’ data had been downloaded from its workspace to a third-party cloud platform.
Soon after that, the company contacted the FBI and an investigation was launched to understand the full scope of the attack. It is believed that an arrest has also been made in this case.
However, most of the details regarding the investigation have been under wraps. The FBI has also declined any requests for comment.
Additionally, AT&T is also taking security measures to ensure that such an attack doesn’t happen again in the future. For starters, it’s looking for and closing down unlawful access points in its workspace. It also assured the customers that this data is in all likelihood not publicly available, so they have nothing to worry about.
AT&T has promised to notify all former and current customers who have been caught up in this unfortunate incident and provide them with all the resources they’ll need to protect their data.
Last but not least, AT&T said that this attack has had no material impact on its business.
Cause of the Attack
Not much is known about the cause of the latest attack on AT&T. However, the company confirmed that it did not receive any evidence to suggest that this attack is connected to another incident (the data breach affecting 73 million AT&T users)—which it discovered in March this year—or even the latest breach at Snowflake.
Regardless of the cause, AT&T’s share prices fell by 2% in premarket trading following the news, likely due to the company’s recent disappointing cybersecurity performance. This is certainly not acceptable for a company of this magnitude and stature, let alone its importance.