AT&T Says Call, Text Records of ‘Nearly All’ Customers Stolen

AT&T

AT&T said Friday (July 12) that records of calls and texts of nearly all its wireless customers and others using its network were stolen in a cybersecurity incident.

The stolen records identify the telephone numbers with which the wireless numbers of AT&T or mobile virtual network operators (MVNOs) using AT&T’s wireless network interacted between May 1 and October 31, 2022, and on January 2, 2023, AT&T said in a Friday filing with the Securities and Exchange Commission.

The stolen data does not include the content of the calls or texts or personally identifiable information, according to the filing.

“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” AT&T said in the filing.

AT&T learned April 19 that a fraudster claimed to have unlawfully accessed and copied its call logs and, upon investigating the claim, determined the fraudster accessed an AT&T workspace on a third-party cloud platform and exfiltrated the files between April 14 and April 25, according to the filing.

The company delayed providing public disclosure of the incident at the request of the Department of Justice, per the filing. AT&T has been working with law enforcement and understands that at least one person involved in the incident has been apprehended.

As of Friday, the company does not believe that the stolen data is publicly available, according to the filing.

“AT&T has taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access,” the company said in the filing. “AT&T will provide notice to its current and former impacted customers.”

The filing comes about four months after AT&T disclosed that the personal data of 73 million current and former account holders was leaked onto the dark web. The company said at the time that in that incident, the dataset appeared to be from 2019 or earlier and that it was not clear if it originated from AT&T or one of its vendors.

With the news of other data breaches, containing the impact of these breaches before it can ripple throughout an entire ecosystem is top of mind for banks, FinTechs and businesses alike, PYMNTS reported Thursday (July 11).