Friday, July 12, 2024

AT&T discloses massive breach of data via 3rd party cloud

AT&T disclosed a massive cyber breach involving the illegal download of customer data from a workspace on a third-party cloud platform. The incident is believed to be the largest of its type in the U.S. to date.  The third-party cloud provider was not named.

AT&T said an investigation has revealed that the compromised data includes records of calls and texts for nearly all of AT&T’s cellular customers, as well as those of mobile virtual network operators (MVNOs) using AT&T’s network. Additionally, landline customers who interacted with these cellular numbers between May 1, 2022, and October 31, 2022, are affected. The breach also impacted records from January 2, 2023, for a small number of customers. These records detail the telephone numbers contacted by AT&T or MVNO cellular numbers, and some also include cell site identification numbers associated with the interactions.


AT&T said its has since secured the access point to prevent further illegal access and is collaborating with law enforcement, which has already apprehended at least one individual connected to the incident.

AT&T further states that the breach did not involve the content of calls or texts, personal information such as Social Security numbers or dates of birth, or detailed usage information like timestamps of calls or texts. While customer names are not included in the compromised data, there is a potential risk of identifying individuals using publicly available tools to match telephone numbers with names.  The company is providing an online method for customers to access their own call records to see what information was stolen in the breach.


Key Points:

Breach Scope: Compromised data includes call and text records for nearly all AT&T cellular and MVNO customers from May 2022 to October 2022, and a few records from January 2023.

Data Integrity: No personal information such as Social Security numbers, dates of birth, or call/text content was included in the breach.

Security Measures: AT&T has secured the access point, is working with law enforcement, and one suspect has been apprehended.


https://www.att.com/support/article/my-account/000102979?source=EPcc000000000000U