In April, AT&T (NYSE:T) discovered that customer data was illegally downloaded from a third-party cloud platform. The company launched an investigation and engaged leading cybersecurity experts to understand the nature and scope of the criminal activity.
Steps have been taken to close off the illegal access point, and AT&T is working with law enforcement in efforts to arrest those involved, with at least one person already apprehended.
The compromised data includes records of calls and texts from nearly all AT&T’s cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network, and AT&T’s landline customers who interacted with those cellular numbers between May 1, 2022, and October 31, 2022. Additionally, records from January 2, 2023, for a small number of customers were compromised. The data identifies the telephone numbers an AT&T or MVNO cellular number interacted with during these periods, and for some records, one or more cell site identification numbers associated with the interactions are also included.
The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. It also excludes some typical usage details like the time stamp of calls or texts. While customer names are not included, it is possible to find the name associated with a specific telephone number using publicly available online tools.
At this time, AT&T does not believe the data is publicly available. The company’s top priority is its customers, and it will provide notice to current and former customers whose information was involved, along with resources to help protect their information. AT&T regrets this incident and remains committed to protecting the information in its care. Customers can visit att.com/DataIncident for more information.
