Latest News

Hackers Breach AT&T Cloud Platform, Access Phone Records of Millions

13 July 2024

|

Zaker Adham

Summary

Hackers have breached a cloud platform used by AT&T, compromising phone records of nearly all its cellular and landline customers, the company revealed on Friday.

The stolen data spans a six-month period from May 1, 2022, to October 31, 2022, and includes phone numbers and call and text message records. For a smaller, unspecified number of customers, more recent records from January 2, 2023, were also accessed.

The breached records contain cell site identification numbers linked to calls and texts, potentially revealing the approximate location of where calls were made or messages sent. However, AT&T assured customers that the content of calls or texts, timestamps, and personally identifiable information such as Social Security numbers and dates of birth were not compromised.

AT&T discovered the breach on April 19, noting it is unrelated to a previous security incident in March. The company believes the stolen data is not publicly available and is cooperating with law enforcement to identify and apprehend those responsible. At least one individual has been arrested.

According to AT&T, the breach occurred through Snowflake, a cloud data giant recently targeted by data thefts. Other companies affected by Snowflake breaches include Ticketmaster and QuoteWizard.

Cybersecurity experts from Mandiant indicate that the hacker group behind the breach is primarily based in the US and financially motivated.

AT&T has advised concerned customers to refer to its support article on phishing and smishing scams for tips on protecting themselves from online fraud.