Data of nearly all AT&T customers downloaded in security breach - Los Angeles Times
Advertisement

Data of nearly all AT&T customers downloaded in security breach

AT&T logo
A security breach in 2022 compromised the data of nearly all of AT&T’s cellular customers and others using the company’s wireless network, as well as landline customers who interacted with cellular numbers.
(Mark Lennihan / Associated Press)
Share via

The data of nearly all customers of the telecommunications giant AT&T was downloaded to a third-party platform in a 2022 security breach, the company said Friday, as cyberattacks against businesses, schools and health systems continue to spread globally.

The breach hit customers of AT&T’s cellular customers, customers of mobile virtual network operators using AT&T’s wireless network, as well as its landline customers who interacted with those cellular numbers.

AT&T said that it doesn’t believe that the data are publicly available.

“The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information,†AT&T said Friday.

Advertisement

The compromised data also doesn’t include some information typically seen in usage details, such as the time stamp of calls or texts, the company said, or customer names. AT&T, however, said that there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.

An internal investigation determined that compromised data include files containing AT&T records of calls and texts between May 1, 2022, and Oct. 31, 2022.

AT&T has more than 100 million customers in the U.S. and almost 2.5 million business accounts.

Advertisement

The company said Friday that it has launched an investigation and engaged with cybersecurity experts to understand the nature and scope of the criminal breach.

Compromised data also includes records from Jan. 2, 2023, for a very small number of customers.

The company continues to cooperate with law enforcement on the incident and said that it understands at least one person has been apprehended so far.

Advertisement

The year has already been marked by several major data breaches, including an earlier attack on AT&T. In March, AT&T said that a dataset found on the “dark web†contained information such as Social Security numbers for about 7.6 million current AT&T account holders and 65.4 million former account holders.

Some auto dealerships are using pens and paper to close deals after back-to-back cyberattacks last month on a company that supplies them with software. That company, CDK Global, is still attempting to reestablish normal operations.

Alabama’s education superintendent said this month that some data were “breached†during a hacking attempt at the Alabama State Department of Education.

Cybersecurity experts are warning that hospital systems around the country, which have already been targeted, are at risk for more attacks and that the U.S. government is doing too little to prevent breaches.

AT&T customers can visit att.com/DataIncident for more information.

Shares of AT&T Inc., based in Dallas, fell slightly on Friday.

Chapman writes for the Associated Press.

Advertisement