"AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack"

AT&T recently announced that almost all its wireless subscribers were exposed in a massive hack that occurred between April 14 and April 25, 2024, where a hacker exfiltrated files containing “records of customer call and text interactions” between approximately May 1 and October 31, 2022, as well as on January 2, 2023.  The global telecommunications giant said the stolen data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. The company noted that current analysis indicates that the data includes, for these periods of time, records of calls and texts of nearly all of AT&T’s wireless customers and customers of mobile virtual network operators (“MVNO”) using AT&T’s wireless network.  These records identify the telephone numbers with which an AT&T or MVNO wireless number interacted during these periods, including telephone numbers of AT&T wireline customers and customers of other carriers, counts of those interactions, and aggregate call duration for a day or month.  For a subset of records, one or more cell site identification number(s) are also included.  The company explained that while the data does not include customer names, there are ways to find the name associated with a specific telephone number via publicly available online tools.  AT&T said customer data was “illegally downloaded from its workspace on a third-party cloud platform.” While the company did not specifically name the platform, multiple sources have linked the incident to a recent series of data heists from the Snowflake platform.  

SecurityWeek reports: "AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack"