AT&T revealed on Friday that a 2022 security breach resulted in the download of data belonging to nearly all of its customers to a third-party platform. This incident comes amidst a year marked by numerous large-scale cyberattacks.
The breach impacted AT&T’s cellular subscribers, customers of mobile virtual network operators (MVNOs) utilizing AT&T’s wireless network, and landline customers who interacted with those cellular numbers.
An investigation conducted by the company revealed that the compromised data included files containing AT&T’s records of calls and texts between May 1, 2022, and October 31, 2022.
AT&T boasts a customer base exceeding 100 million in the U.S., along with almost 2.5 million business accounts.
AT&T declared on Friday that it has launched an investigation and engaged with cybersecurity experts to fully grasp the nature and extent of the criminal activity.
“The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information,” AT&T stated on Friday.
The compromised data also excludes certain details typically found in usage records, such as the timestamps of calls or texts, the company clarified. While the data does not include customer names, AT&T acknowledges that publicly available online tools can often be used to link a telephone number to its associated name.
AT&T currently maintains that the data is not publicly accessible.
The compromised data also encompasses records from January 2, 2023, for a very limited number of customers. These records pinpoint the telephone numbers that an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included.
The company continues to collaborate with law enforcement regarding the incident and confirms that at least one individual has been apprehended so far.
This year has already witnessed several significant data breaches, including a previous attack on AT&T. In March, AT&T reported that a dataset discovered on the “dark web” contained information such as Social Security numbers for approximately 7.6 million current AT&T account holders and 65.4 million former account holders.
AT&T stated at the time that it had already reset the passcodes of current users and would be communicating with account holders whose sensitive personal information was compromised.
North American car dealerships have also experienced major disruptions after software provider CDK Global faced back-to-back cyberattacks. Furthermore, Alabama’s education superintendent announced earlier this month that some data was “breached” during a hacking attempt targeting the Alabama State Department of Education.
Shares of AT&T Inc., headquartered in Dallas, experienced a decline of over 2% before the market opened on Friday.