Pau Barrena/AFP/Getty Pictures
A customer walks previous an AT&T emblem.
The Gentleman Report
—
The decision and textual content message data of tens of hundreds of thousands of AT&T cell phone shoppers and plenty of non-AT&T shoppers in mid-to-late 2022 had been uncovered in an enormous knowledge breach, the telecom corporate printed Friday.
AT&T mentioned the hacked knowledge didn’t come with the content material of calls and textual content messages. At this level, the uncovered knowledge isn’t believed to be publicly to be had.
The corporate blamed an “unlawful obtain” on a third-party cloud platform that it realized about in April – simply as the corporate was once grappling with an unrelated primary knowledge leak.
AT&T mentioned the compromised knowledge comprises the phone numbers of “just about all” of its mobile shoppers and the purchasers of wi-fi suppliers that use its community between Might 1, 2022 and October 31, 2022. The stolen logs additionally include a document of each quantity AT&T shoppers known as or texted – together with shoppers of different wi-fi networks – the choice of occasions they interacted and the decision period.
The data of a “very small quantity” of consumers on January 2, 2023 had been additionally implicated, AT&T mentioned. The content material of the calls and texts weren’t uncovered, in line with the corporate.
AT&T indexed roughly 110 million wi-fi subscribers as of the top of 2022. AT&T mentioned world calls weren’t incorporated within the stolen knowledge, aside from calls to Canada.
The breach additionally incorporated AT&T landline shoppers who interacted with the ones mobile numbers.
AT&T mentioned buyer names weren’t uncovered on this incident, alternatively the corporate stated that publicly to be had equipment can incessantly hyperlink names with particular telephone numbers.
Moreover, AT&T mentioned that for an undisclosed subset of its data, a number of mobile web site identity numbers connected to the calls and texts had been additionally uncovered. Such knowledge may just disclose the extensive geographic location of a number of of the events.
“Presently, we don’t consider that the information is publicly to be had,” AT&T mentioned in a remark. “We sincerely remorseful about this incident came about and stay dedicated to protective the tips in our care.”
AT&T promised to inform present and previous shoppers whose data was once concerned and supply them sources to give protection to their data.
Despite the fact that the breach uncovered telephone and textual content data, AT&T mentioned it does no longer include the contents of the calls or texts, nor does it include non-public data corresponding to Social Safety numbers, dates of beginning or different individually identifiable data.
Utilization main points such because the time of calls and textual content messages weren’t compromised both.
AT&T mentioned it realized on April 19 {that a} “danger actor claimed to have unlawfully accessed and copied AT&T name logs.” The corporate mentioned it “in an instant” employed mavens and a next investigation made up our minds hackers and exfiltrated recordsdata between April 14 and April 25.
The corporate mentioned the USA Division of Justice Division made up our minds in Might and in June {that a} extend in public disclosure was once warranted. The FBI mentioned AT&T reached out in a while after studying in regards to the hack, however the company sought after to study the information for doable nationwide safety dangers.
“In assessing the character of the breach, all events mentioned a possible extend to public reporting … because of doable dangers to nationwide safety and/or public protection,” the FBI mentioned in a remark. “AT&T, FBI, and DOJ labored collaboratively in the course of the first and 2d extend procedure, all whilst sharing key danger intelligence to reinforce FBI investigative equities and to lend a hand AT&T’s incident reaction paintings.”
AT&T stocks fell 2% in premarket buying and selling following the scoop.
AT&T spokesperson Alex Byers advised The Gentleman Report that this new incident has “no connection by any means” to an incident disclosed in March. At the moment, AT&T mentioned non-public data corresponding to Social Safety numbers on 73 million present and previous shoppers was once launched onto the darkish internet.
Within the new incident, AT&T advised The Gentleman Report it realized in April that buyer knowledge was once illegally downloaded from its workspace on Snowflake, a third-party cloud platform.
Brad Jones, leader data safety officer at Snowflake, advised The Gentleman Report in a separate remark that the corporate has no longer discovered proof this job was once “brought about via a vulnerability, misconfiguration or breach of Snowflake’s platform.” Jones mentioned this has been verified via investigations via third-party cybersecurity mavens at Mandiant and CrowdStroke.
AT&T mentioned it introduced an investigation, employed cybersecurity mavens and took steps to near the “unlawful get admission to level.”
The corporate mentioned it’s cooperating with regulation enforcement’s efforts to apprehend the ones accountable and understands a minimum of one individual has already been arrested.
This tale has been up to date with further context and traits.