AT&T has admitted ‘tens of millions’ of customers were involved in a huge data breach that rocked the telecom titan back in 2022. Although the breach impacted AT&T cellphone customers, the company has since revealed the exposed data did not contain the contents of personal calls and messages, and shouldn’t be accesible to the public.
The customer data was downloaded from an AT&T workspace via a third-party cloud platform – all without authorization, of course. The data was made up of “nearly all” AT&T customers’ call and text records from May 1, 2022, to October 31, 2022, making it a textbook target for cybercriminals hoping to turn personally identifiable information into a profit via the dark web.
Unfortunately, the records also list the numbers that the affected AT&T customers called and texted, as well as the number of interactions and their durations.
Recent updates
UPDATE, 16.7.24: additional details have surfaced around the AT&T data breach – citing that the company paid the hackers (who are responsible for the breach) to erase the records. The incident, which affected more than 70 million people, is now also the center of a class-action lawsuit that seeks compensation for affected users. AT&T itself hasn’t commented on the lawsuit. However, Bloomberg uncovered the initial complaint and its list of demands – including that the telecommunications company pay damages to victims of the breach.
AT&T breach
In a statement AT&T added records from the January 2, 2023 data breach impacted a small number of customers.
As mentioned, the contents of the leaked calls and texts aren’t included in the breached data, and also does not include call or text timestamps, sensitive information like Social Security numbers, or personal details like dates of birth.
AT&T also pointed out that, while the records don’t include customer names, either, there are plenty of legitimate ways for anyone to link a cellphone number to the name of the person using it.
However, considering that the leaked AT&T records include some personally identifiable data – it’s unsurprising that customers want to take legal action. This data is exactly the sort of thing that bad actors can use to commit identity theft, fraud, and other devastating cyberattacks.
WIRED has also revealed that AT&T paid hackers to erase the stolen data. Reportedly, in May this year, AT&T contacted ShinyHunters, a notorious hacking group, and the perpetrators behind the data theft and breach. AT&T asked ShinyHunters to delete the data and record a video of the process as evidence – and then paid the group $370,000 in Bitcoin for doing so.
Unfortunately, a video cannot confirm beyond a shadow of a doubt that all traces of the leaked AT&T data have been expunged from the web. Copies may still exist, after all, and valuable datasets like these are ShinyHunters’ bread and butter.
The group initially pilfered the records via a Snowflake cloud storage account – primarily because it wasn’t secured properly and lacked multi-factor authentication. AT&T isn’t the only company that has been targeted by ShinyHunters, however, as Ticketmaster and Santander have also seen Snowflake accounts infiltrated.
What happens next?
AT&T has reassured customers that the affected access point has been secured – which is good news.
The company has also teamed up with law enforcement to sniff out the cybercriminals behind the attack. In fact, one individual has already been caught out and “apprehended”
Protecting your data is one of our top priorities. We have confirmed the affected access point has been secured.
AT&T
The company has also stated that it’ll be in touch with customers (past and present) to confirm that their data was involved in the leak. So, if you’ve been an AT&T client at any point since May 2022, you’ll want to keep an eye out for an email – just in case.
For anyone who is impacted by the AT&T breach (or for you privacy-oriented folks out there), there are a few things you can do to limit the damage to your overall digital security.
Firstly, it’s well worth changing the password associated with your AT&T account – especially if you use it for other sites and apps. Then, I’d recommend checking out one of the best VPNs available today. A VPN keeps all of your personal data hidden away from prying eyes and nosy third parties, encrypting it as you go about your day-to-day browsing. Plus, our #1 rated VPN, NordVPN, even has handy Threat Protection tools that’ll zap pop-up ads and fight off phishing attempts.
More from TechRadar Pro
Services Marketplace – Listings, Bookings & Reviews