The call and text message records from mid-to-late 2022 of tens of millions of AT&T cellphone customers and many non-AT&T customers were exposed in a massive data breach, the American carrier revealed Friday.
Matt Egan and Sean Lyngaas for CNN:
AT&T said the compromised data includes the telephone numbers of “nearly all” of its cellular customers and the customers of wireless providers that use its network between May 1, 2022 and October 31, 2022.
The stolen logs also contain a record of every number AT&T customers called or texted – including customers of other wireless networks – the number of times they interacted, and the call duration.
Importantly, AT&T said the stolen data did not include the contents of calls and text messages nor the time of those communications.
We have an ongoing investigation into the AT&T breach and we' re coordinating with our law enforcement partners.
— The FCC (@FCC) July 12, 2024
The company blamed an “illegal download” on a third-party cloud platform that it learned about in April – just as the company was grappling with an unrelated major data leak.
AT&T says that the exposed data is not believed to be publicly available, however CNN was unable to independently verify that assertion.
AT&T spokesperson Alex Byers told CNN that this was an entirely new incident that had “no connection in any way” to another incident disclosed in March. At that time, AT&T said personal information such as Social Security numbers on 73 million current and former customers was released onto the dark web.
AT&T said international calls were not included in the stolen data, with the exception of calls to Canada.
The breach also included AT&T landline customers who interacted with those cell numbers.
Support MacDailyNews at no extra cost to you by using this link to shop at Amazon.
MacDailyNews Take: AT&T’s crack team of IT doofuses strike again!
Please help support MacDailyNews. Click or tap here to support our independent tech blog. Thank you!
Support MacDailyNews at no extra cost to you by using this link to shop at Amazon.
Expect spam call volume to skyrocket.
Thanks, AT&T
Arrest and jail all who are responsible for data security in ATT. Put their negligent incompetent asses in the jail house for a couple of years. Poof … like magic this stuff will cease. Life sentence to the perpetrators, but it will never happen because of our weak ass society.
All that’s needed (and expected) from the ever more frequent corporate whoopsies is a heartfelt and public apology from someone high in the C-ladder. If coupled with a firing of a low-level tard, with a tart, “they failed to support our security protocols,” we’ll all be “happy” and discouraged enough to receive the next security failure.
This is the company that sent a notice to me and, I’m sure, millions of others that if you don’t give them a bank account so they can bill you directly you will get a $5.00 increase. Given this breach and previous ones I will gladly pay the extra $5.00 until I can find another internet service.