AT&T data breach includes call and text message records of nearly all customers

Anthony DiMattia, Delaware News Journal
Updated ·2 min read

Call and text message records of nearly all AT&T customers were obtained in a massive data breach impacting millions of cellphone accounts, the company announced Friday.

AT&T said it learned that on April 19 a "threat actor" claimed to have unlawfully accessed and copied AT&T call logs.

Between April 14 and 25, threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform to download files containing records of customer call and text interactions that occurred between May 1 and Oct. 31, 2022 and Jan. 2, 2023, the company said in a filing with the U.S. Securities and Exchange Commission.

AT&T data breach: How to know if you were affected by the AT&T data breach and what to do next

Closing soon?: Big Lots will close up to 40 stores as it mulls bankruptcy. There are 5 Delaware locations

AT&T data breach: What information was impacted?

AT&T said the data breach included records of calls and texts of nearly all of its wireless customers and mobile virtual network operators through AT&T’s wireless network.

However, the information taken did not include content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information.

The records taken include telephone numbers of AT&T wireline customers and customers of other carriers, counts of those interactions, and aggregate call duration for a day or month

While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number, the company said.

AT&T said that for an undisclosed subset of its records, one or more cell site identification numbers linked to the calls and texts were also exposed. Such data could reveal where the broad geographic location of one or more of the parties, they added.

How many AT&T were impacted by data breach?

The data breach includes mostly mobile customers, but also landline subscribers as well.

The company listed about 110 million wireless subscribers as of the end of 2022 but the breach also affected landline customers who interacted with those cellphone numbers impacted.

Customers can visit www.att.com/dataincident for more information.

AT&T data breach response

AT&T said it immediately activated its incident response process to investigate and retained external cybersecurity experts to assist after learning of the breach.

The U.S. Department of Justice determined on May 9 and June 5 it was warranted to delay providing public disclosure of the data breach, the company said.

The company said it believes at least one person has been apprehended in connection with the incident.

This article originally appeared on Delaware News Journal: AT&T data breach exposed call, text records of millions of customers