AT&T disclosed that hackers stole call and text message records from nearly every customer on their cellular network, potentially jeopardizing sensitive information of millions of Americans. The intrusion, discovered through an internal investigation, revealed that in April, hackers illicitly accessed and copied AT&T call logs stored on a third-party cloud platform.
The breach compromised call and text records from approximately May 1 to October 31, 2022, and on January 2, 2023. While the content of the calls and messages remained secure and personal information was not compromised, the exposed data included phone numbers. This type of information, known as metadata, can be highly sensitive, particularly when aggregated and analyzed on a large scale to unveil connections and patterns among individuals.
AT&T’s wireless network serves 127 million devices, as reported in the company’s 2023 annual report. Although the stolen data did not contain customer names, it is possible to identify the name linked to a specific telephone number using publicly available tools, as noted in the SEC filing.
The Federal Communications Commission (FCC) initiated an investigation into the breach in collaboration with law enforcement agencies. Experts like John Scott-Railton from the University of Toronto’s Citizen Lab emphasized the severity of the breach, citing the potential national security risks and implications for businesses and individuals when metadata is compromised on such a vast scale.
AT&T affirmed that it has bolstered cybersecurity measures in response to the incident and is reaching out to affected customers. The Justice Department mandated public disclosure of the hack details, which AT&T complied with, and the company is aiding law enforcement in apprehending the hackers. While AT&T reassured customers that the data was not publicly accessible, the breach could pose a significant threat given a previous security lapse that exposed customer names and Social Security numbers.
Senator Ron Wyden criticized the lax regulatory environment for telecommunications companies, calling for stronger accountability to prevent future breaches resulting from inadequate cybersecurity measures.