In a concerning development, AT&T has disclosed a significant data breach that occurred on a third-party cloud platform. This incident involved the unauthorized download of customer data. The telecommunications giant announced the incident on July 12, 2024, detailing their efforts to address the breach and secure their systems.
The Incident Unfolds
AT&T first discovered the illegal data access in April 2024. The compromised information includes phone call and text message records of nearly all AT&T cellular customers. This data spans interactions from May 1, 2022, to October 31, 2022, and records from January 2, 2023. Customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network and AT&T landline customers who interacted with these cellular numbers were also affected.
The compromised data includes the phone numbers involved in the interactions. Some records also have associated cell site identification numbers. However, the breach did not expose the content of calls or texts, personal identifiers such as Social Security numbers, dates of birth, or other sensitive personal information.
AT&T’s Response
Upon discovering the breach, AT&T immediately launched an investigation. They enlisted top cybersecurity experts to assess the scope and nature of the incident. The company has since secured the exploited access point. They are also actively cooperating with law enforcement to apprehend those responsible. To date, authorities have arrested at least one individual in connection with the breach.
AT&T emphasizes that there is no indication the data has been made publicly available. Nonetheless, the company is taking steps to notify affected customers and provide them with resources to safeguard their information.
Customer Protection and Commitment
In response to the breach, AT&T reiterated its commitment to protecting customer data. The company is implementing enhanced security measures to prevent future incidents. They continuously evaluate their security protocols to counter evolving cybersecurity threats.
AT&T holds itself to high standards of customer data protection and remains committed to delivering the experience our customers deserve.
AT&T spokesperson
We deeply regret this incident and are dedicated to maintaining the trust of our customers by enhancing our security measures and ensuring their data’s safety.
AT&T spokesperson
Conclusion
This data breach serves as a stark reminder of the persistent cybersecurity threats facing large corporations. It also highlights the importance of robust data protection strategies. AT&T’s swift response and cooperation with law enforcement underscore the company’s dedication to resolving the issue and preventing future occurrences. As investigations continue, affected customers can stay informed and take necessary precautions to protect their personal information.
For further details and updates, visit AT&T’s Data Incident page.
