AT&T Admits Data Breach, Hacker Gained 2022 Call Records

Recently, Ticketmaster trended online after having admitted they were affected by a data breach via a third-party cloud provider called Snowflake. And today, we’re learning that AT&T was also hit by the data breach. 

In its earlier announcement, AT&T revealed that its call records from 2022 were stolen in the same breach. These records cover the periods between May 1 to October 31, 2022, and a few from January 2, 2023. 

The wireless carrier also revealed that “nearly all” of its cellular customers (including the MVNOs that use its network) were affected by the breach. 

The good news is that the breach does not include any customer personal information, such as name, Social Security Numbers, or dates of birth. Although the calls, text messages, and total call durations made during those dates were breached, the threat actors were unable to gain access to the content of these calls or texts.  

AT&T said that they first discovered the breach in April. The reason why they chose to delay notifying the public was because of “potential risks to national security and/or public safety.” Since then, AT&T has “taken steps to close off the illegal access point.” They also shared that they don’t believe the data obtained is publicly available. 

As of this writing, the FBI and Department of Justice have already apprehended one individual related to the hack. Meanwhile, AT&T is hoping that everyone involved will be arrested. 

Source: The Verge