Today, AT&T announced a massive data breach that lacked almost all customer call and text records. According to AT&T in April AT&T learned that customer data was illegally downloaded on a third-party cloud platform. At this time AT&T says it has taken steps to close off access to its content.
“At this time, we do not believe that the data is publicly available,” AT&T said in a statement. “We sincerely regret this incident occurred and remain committed to protecting the information in our care.”
Here is how AT&T describes what data was taken. “Based on our investigation, the compromised data includes files containing AT&T records of calls and texts of nearly all of AT&T’s cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network, as well as AT&T’s landline customers who interacted with those cellular numbers between May 1, 2022 – October 31, 2022. The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included.”
AT&T says at this time, the data is not believed to be publicly available online. The data does not include alls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. Instead the information includes time stamp of calls or texts. The data does not include customers’ names, but AT&T says, “There are often ways, using publicly available online tools, to find the name associated with a specific telephone number.”