From The Verge: AT&T revealed Friday morning that a cybersecurity attack had exposed call records and texts from “nearly all” of the carrier’s cellular customers (including people on mobile virtual network operators, or MVNOs, that use AT&T’s network, like Cricket, Boost Mobile, and Consumer Cellular). The breach took place during the period between May 1st, 2022, and October 31st, 2022, in addition to an incident that impacted a “very small number” of customers on January 2nd, 2023.
AT&T spokesperson Alex Byers confirmed to The Verge the threat actor accessed the information through the company’s account on a third-party cloud platform, Snowflake, similar to data breaches that have affected Ticketmaster and Santander Bank. AT&T first learned of the breach in April, but as reported by TechCrunch, an FBI spokesperson confirmed “AT&T, the FBI and the Department of Justice agreed to delay notifying the public and customers on two occasions, citing ‘potential risks to national security and/or public safety.’”
The stolen data includes which phone numbers customers interacted with, and Byers tells The Verge that the breach also includes “counts of those calls/texts and total call durations for specific days or months.”
Here’s the information AT&T says is not included in the breach:
The downloaded data doesn’t include the content of any calls or texts. It doesn’t have the time stamps for the calls or texts. It also doesn’t have any details such as Social Security numbers, dates of birth, or other personally identifiable information.
View: Full Article