The company revealed that customer data was illegally downloaded from an AT&T workspace on a third-party cloud platform.
Call and text records between May 1st and October 31st 2022 were leaked for nearly all of AT&T’s wireless customers, the customers of MVNOs that use its network and AT&T landline customers that interacted with the cellular numbers.
The compromised data also includes records from January 2, 2023, for a very small number of customers.
AT&T said that no personally identifiable information such as social security numbers or dates of birth were leaked, nor were the time stamps or contents of calls or texts.
However, “While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” AT&T’s statement said.
One or more cell site identification numbers associated with the interactions are also included for a subset of records.
After learning of the breach in April, AT&T launched an investigation and have engaged “leading” cybersecurity experts to understand the nature and scope of the criminal activity.
It has taken steps to close off the illegal access point and is working with law enforcement in its efforts to arrest those involved in the incident.
A report by Bloomberg claims that AT&T paid nearly $400,000 in bitcoin to the hackers in order for them to delete the information.
