Massive Data Breach Exposes AT&T Customers’ Call and Text Records
Telecom Giant AT&T Faces Major Data Breach Affecting Millions
Published July 14, 2024

In a significant privacy breach, AT&T announced that tens of millions of call and text records from its cellphone customers, as well as many non-AT&T customers, have been exposed. The breach took place from mid-2022 to late 2022.

AT&T reported that the breach involved unauthorized access to telephone numbers of “nearly all” its cellular customers and customers of other wireless providers using its network between May 1, 2022, and October 31, 2022. The compromised data includes records of every number AT&T customer called or texted, the frequency of interactions, and call durations. However, the breach did not expose the contents of calls and text messages or the times of these communications. Additionally, records of a small number of customers from January 2, 2023, were also affected. AT&T identified the breach as an “illegal download” from a third-party cloud platform, discovered in April while dealing with another unrelated data leak.

This breach potentially affects AT&T’s approximately 110 million wireless subscribers and those of other networks who interacted with them. The breach also impacted AT&T landline customers who interacted with compromised cell numbers. AT&T assured that personal information such as Social Security numbers, dates of birth, and customer names were not exposed in this incident. However, they acknowledged that publicly available tools could link names with specific phone numbers. Additionally, for some records, cell site identification numbers were exposed, revealing the general geographic locations of the parties involved.

The Federal Communications Commission (FCC) has launched an investigation into the incident. The FBI and the Department of Justice were involved early, delaying public disclosure to assess national security and public safety risks. AT&T has promised to notify affected customers and provide resources to protect their information.

This breach is part of a series of incidents involving Snowflake, the third-party cloud platform used by AT&T. Other companies like Ticketmaster and Santander Bank have also reported similar breaches. Despite extensive investigations by cybersecurity firms Mandiant and CrowdStrike, Snowflake found no evidence of a vulnerability or misconfiguration in their platform.

ATT customers are encouraged to visit here to learn more and how to protect their data. 

The Title Town Times
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.