THREAT ALERT
Friday, July 12th, 2024
News is emerging about AT&T’s disclosure of what they term ‘Unlawful Access of Customer Data.’ The majority of AT&T customer data was illegally downloaded from their workspace on a third-party cloud platform from May 2022 through October 31, 2022 and on January 2, 2023. Initial reports suggest that an overwhelming majority of AT&T’s clientele may have been affected by this incident. AT&T has issued a statement on their official website today.
The excerpt below is sourced directly from their website, where it is shown as last updated on July 12, 2024:
What Happened
We learned that AT&T customer data was illegally downloaded from our workspace on a third-party cloud platform. We started an investigation and engaged leading cybersecurity experts to help us determine the nature and scope of the issue. We have confirmed the access point has been secured.
Our investigation found that the downloaded data included phone call and text message records of nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023. These records identify other phone numbers that an AT&T wireless number interacted with during this time, including AT&T landline (home phone) customers. For a subset of the records, one or more cell site ID numbers associated with the interactions are also included.
At this time, we do not believe the data is publicly available. We continue to work with law enforcement in their efforts to arrest those involved. Based on information available to us, we understand that at least one person has been apprehended.
Data Involved
The call and text records identify the phone numbers with which an AT&T number interacted during this period, including AT&T landline (home phone) customers. It also included counts of those calls or texts and total call durations for specific days or months.
We’ll notify current and former customers if their information was involved.
Data That Wasn’t Involved
The downloaded data doesn’t include the content of any calls or texts. It doesn’t have the time stamps for the calls or texts. It also doesn’t have any details such as Social Security numbers, dates of birth, or other personally identifiable information.
While the data doesn’t include customer names, there are often ways to find a name associated with a phone number using publicly available online tools.
What We Are Doing
Protecting your data is one of our top priorities. We have confirmed the affected access point has been secured.
We hold ourselves to a high standard and commit to delivering the experience that you deserve. We constantly evaluate and enhance our security to address changing cybersecurity threats and work to create a secure environment for you. We invest in our network’s security using a broad array of resources including people, capital, and innovative technology advancements.
This is the second disclosure of this type from AT&T in just a few months. The last disclosure was in March of 2024 and was reported on in this forum. That incident involved PII data and possibly passcodes. Please bookmark and/or follow AT&T’s support page located at hxxps://att[.]com/support/article/my-account/000102979 to stay updated on the latest developments regarding this incident. Additionally, for a comprehensive list of ‘Frequently Asked Questions’ pertaining to this matter, please refer to the detailed information available at the provided AT&T URL.
Recommendations
References
hxxps://att[.]com/support/article/my-account/000102979