Nearly all AT&T cell customers’ call and text records exposed in a massive breach | CNN Business (2024)

Nearly all AT&T cell customers’ call and text records exposed in a massive breach | CNN Business (1)

A visitor walks past an AT&T logo.

CNN

The call and text message records from mid-to-late 2022 of tens of millions of AT&T cellphone customers and many non-AT&T customers were exposed in a massive data breach, the telecom company revealed Friday.

AT&T said the compromised data includes the telephone numbers of “nearly all” of its cellular customers and the customers of wireless providers that use its network between May 1, 2022 and October 31, 2022.

The stolen logs also contain a record of every number AT&T customers called or texted – including customers of other wireless networks – the number of times they interacted, and the call duration.

Importantly, AT&T said the stolen data did not include the contents of calls and text messages nor the time of those communications.

The records of a “very small number” of customers from January 2, 2023, were also implicated, AT&T said.

“We have an ongoing investigation into the AT&T breach and we’re coordinating with our law enforcement partners,” the FCC said on social media platform X.

The companyblamedan “illegal download” on a third-party cloud platform that it learned about in April – just as the company was grappling with anunrelated major data leak.

AT&T says that the exposed data is not believed to be publicly available, however CNN was unable to independently verify that assertion.

AT&T spokesperson Alex Byers told CNN that this was an entirely new incident that had “no connection in any way” to another incident disclosed in March. At that time, AT&T said personal information such as Social Security numbers on 73 million current and former customers was released onto the dark web.

“We sincerely regret this incident occurred and remain committed to protecting the information in our care,” the company said in a statement about the latest breach.

AT&T listed approximately 110 million wireless subscribers as of the end of 2022. AT&T said international calls were not included in the stolen data, with the exception of calls to Canada.

The breach also included AT&T landline customers who interacted with those cell numbers.

AT&T said that contents of the calls or texts, personal information such as Social Security numbers, dates of birth, or customer names were not exposed in this incident, however the company acknowledged that publicly available tools can often link names with specific phone numbers.

Additionally, AT&T said that for an undisclosed subset of its records, one or more cell site identification numbers linked to the calls and texts were also exposed. Such data could reveal the broad geographic location of one or more of the parties.

AT&T believes that at least one person involved in the cybercriminal incident is in custody, the company said in a filing with the Securities and Exchange Commission. The FBI declined to comment when asked about that statement.

AT&T promised to notify current and former customers whose information was involved and provide them resources to protect their information.

Usage details such as the time of calls and text messages were not compromised either. But AT&T spokesperson Byers told CNN that the number of calls and text messages, and total call durations for specific days or months were exposed.

That means the data would not identify precisely when one phone number called another but could reveal how often two parties called each other – and how long they spoke for – on specific days.

AT&T said it learned on April 19 that a “threat actor claimed to have unlawfully accessed and copied AT&T call logs.” The company said it “immediately” hired experts and a subsequent investigation determined hackers had exfiltrated files between April 14 and April 25.

Justice Department delays public disclosure

The company said the US Department of Justice Department determined in May and in June that a delay in public disclosure was warranted. The FBI said AT&T reached out shortly after learning about the hack, but the agency wanted to review the data for potential national security or public safety risks.

“In assessing the nature of the breach, all parties discussed a potential delay to public reporting… due to potential risks to national security and/or public safety,” the FBI said in a statement. “AT&T, FBI, and DOJ worked collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T’s incident response work.”

This appears to be the first cyber incident in which the Justice Department has asked a company to delay filing a disclosure with the SEC because of potential national security or public safety concerns.

“This is very concerning. This information is very valuable to cyber criminals and to nation-states,” Sanaz Yashar, co-founder and CEO of cybersecurity firm Zafran, told CNN.

Yashar, previously an Israeli cyber spy, said threat actors can correlate the cell ID data with other information readily available to pinpoint where someone works – including at sensitive locations like the White House and Pentagon.

“You don’t need the timestamp. If someone is there everyday, you can understand they work there and their routine. This is very secret information and a way that spies do stuff.”

Justin Sherman, founder of Global Cyber Strategies, a consultancy, also put the potential threat in stark terms.

“Metadata about who’s communicating with who, at massive scale, enables someone to map connections between people — think journalists and sources, intelligence officers and their contacts, married people and those with whom they’re having an affair,” Sherman told CNN.

Jason Hogg, a former FBI special agent who is now executive-in-residence at Great Hill Partners, said the cell site data is “quite significant because it could allow bad actors to determine certain consumers’ geolocation, which could be used to make the social engineering attacks more believable.”

AT&T shares fell 1% on Friday following the news.

In the new incident, AT&T told CNN it learned in April that customer data was illegally downloaded from its workspace on Snowflake, a third-party cloud platform.

AT&T is only the latest major company to have data stolen via access to their Snowflake platform. Ticketmaster and Santander Bank have also recently disclosed massive data breaches linked to Snowflake. Mandiant, a Google-owned cybersecurity firm, has notified at least 165 organizations that they may have been affected by the hacking spree. Mandiant analysts said they have “moderate confidence” that the hackers are based in North America and that they collaborate with an additional person in Turkey.

Brad Jones, chief information security officer at Snowflake, told CNN in a separate statement that the company has not found evidence this activity was “caused by a vulnerability, misconfiguration or breach of Snowflake’s platform.” Jones said this has been verified by investigations by third-party cybersecurity experts at Mandiant and CrowdStrike.

AT&T said it launched an investigation, hired cybersecurity experts and took steps to close the “illegal access point.”

This story has been updated with additional context and developments.

Nearly all AT&T cell customers’ call and text records exposed in a massive breach | CNN Business (2024)
Top Articles
Where to Find Garnet: 4 Best Locations Near Me (United States)
46 Excellent Places For Rockhounding in Nevada In 2024
Foxy Roxxie Coomer
Po Box 7250 Sioux Falls Sd
Dannys U Pull - Self-Service Automotive Recycling
Is Sam's Club Plus worth it? What to know about the premium warehouse membership before you sign up
Palm Coast Permits Online
What Are the Best Cal State Schools? | BestColleges
Toyota Campers For Sale Craigslist
Konkurrenz für Kioske: 7-Eleven will Minisupermärkte in Deutschland etablieren
Shaniki Hernandez Cam
Daniela Antury Telegram
Cranberry sauce, canned, sweetened, 1 slice (1/2" thick, approx 8 slices per can) - Health Encyclopedia
Missing 2023 Showtimes Near Landmark Cinemas Peoria
DIN 41612 - FCI - PDF Catalogs | Technical Documentation
Rapv Springfield Ma
Nene25 Sports
Chelactiv Max Cream
Iu Spring Break 2024
Hollywood Bowl Section H
H12 Weidian
Recap: Noah Syndergaard earns his first L.A. win as Dodgers sweep Cardinals
Qual o significado log out?
R&S Auto Lockridge Iowa
MyCase Pricing | Start Your 10-Day Free Trial Today
Amerisourcebergen Thoughtspot 2023
Bolly2Tolly Maari 2
Kuttymovies. Com
Worthington Industries Red Jacket
Eegees Gift Card Balance
R/Mp5
Used Safari Condo Alto R1723 For Sale
Swgoh Boba Fett Counter
Khatrimmaza
Tendermeetup Login
Despacito Justin Bieber Lyrics
Bismarck Mandan Mugshots
The Transformation Of Vanessa Ray From Childhood To Blue Bloods - Looper
Thelemagick Library - The New Comment to Liber AL vel Legis
Worcester County Circuit Court
Barstool Sports Gif
Cocorahs South Dakota
Stranahan Theater Dress Code
2024-09-13 | Iveda Solutions, Inc. Announces Reverse Stock Split to be Effective September 17, 2024; Publicly Traded Warrant Adjustment | NDAQ:IVDA | Press Release
Chase Bank Zip Code
Iupui Course Search
Air Sculpt Houston
Is TinyZone TV Safe?
Lagrone Funeral Chapel & Crematory Obituaries
login.microsoftonline.com Reviews | scam or legit check
Latest Posts
Article information

Author: Tyson Zemlak

Last Updated:

Views: 5231

Rating: 4.2 / 5 (43 voted)

Reviews: 82% of readers found this page helpful

Author information

Name: Tyson Zemlak

Birthday: 1992-03-17

Address: Apt. 662 96191 Quigley Dam, Kubview, MA 42013

Phone: +441678032891

Job: Community-Services Orchestrator

Hobby: Coffee roasting, Calligraphy, Metalworking, Fashion, Vehicle restoration, Shopping, Photography

Introduction: My name is Tyson Zemlak, I am a excited, light, sparkling, super, open, fair, magnificent person who loves writing and wants to share my knowledge and understanding with you.