In a dramatic and stunning hack, the telecom giant AT&T says that call and text records of “nearly all” of its wireless customers have been obtained by a “threat actor.”
AT&T said in a securities filing Friday that the hacker “accessed an AT&T workspace on a third-party cloud platform” back in April, and was able to exfiltrate “files containing AT&T records of customer call and text interactions that occurred between approximately May 1 and October 31, 2022, as well as on January 2, 2023.”
The company notes that the hacked data does not contain the contents of those texts, nor does it contain personally identifiable information like names, dates of birth, or social security numbers.
“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” it warns.
Rather, the data includes the telephone numbers of the AT&T customers and those they communicated with, the number of times they communicated, the call duration for the day or month, and in some cases the cell site ID number.
The data does not appear to be publicly available as of now, and the company says it will notify impacted customers.
The company said that it has since closed off the point of access, and has been working with the Department of Justice.
“AT&T is working with law enforcement in its efforts to arrest those involved in the incident,” the company said. “Based on information available to AT&T, it understands that at least one person has been apprehended.”
The hack underscores just how critical cybersecurity has become to modern media, telecom, entertainment and technology firms.
Back in April Roku warned that more than 500,000 accounts were impacted in a similar data breach involving a third-party cloud provider. And of course in 2014, a massive hack at Sony resulted in personal data and emails from thousands of employees spilling onto the Internet.
The AT&T hack is in some ways less severe and more dramatic. Many millions of customers are likely impacted, but the data itself is limited (albeit the sort of information frequently used by governments for investigative purposes, usually obtained via a warrant).
For its part, AT&T says that “this incident has not had a material impact on AT&T’s operations, and AT&T does not believe that this incident is reasonably likely to materially impact AT&T’s financial condition or results of operations.”