Summarize

Simplifying... Inshort

AT&T is alerting 110 million customers about a data breach that exposed their phone records but not the content of their calls or texts.
The breach, linked to cloud data company Snowflake, was discovered in April and has led to one arrest so far.
AT&T is working with law enforcement to track down the cybercriminals involved.

Was a long read? Making it simpler...

Next Article

FBI is overseeing the investigation

AT&T data breach: Phone records of 'nearly all' customers stolen

By Akash Pandey

Jul 12, 2024

05:04 pm

What's the story

US telecommunications giant AT&T has confirmed a fresh data breach affecting "nearly all" of its customers. The breach has allowed cybercriminals to steal phone records, including numbers of cellular/landline customers, and call/text message records from May 1 to October 31, 2022. Some stolen data also includes records from January 2, 2023. This is the second security incident disclosed by AT&T this year, following a previous incident where customer account information was published on a cybercrime forum.

Impact

Breach affects customers of other carriers too

AT&T says the stolen data "does not contain the content of calls or texts," but includes calling and texting records, that an AT&T phone number interacted with during the six months. The stolen data does not reveal the time or date of calls or texts but includes metadata such as the total count and duration of calls and texts. The breach has also impacted customers of other cell carriers that use AT&T's network.

Accountability

AT&T to notify 110 million customers

AT&T plans to notify approximately 110 million customers about the data leak, company spokesperson Andrea Huguely told TechCrunch. The company has also launched a website with information about the incident, and disclosed the breach in a filing with regulators. The breach has been linked to cloud data giant Snowflake and was discovered by AT&T on April 19, unrelated to an earlier security incident in March.

Blame

Snowflake blames customers for data breach

Snowflake permits its corporate customers, such as telecom operators and tech companies, to analyze extensive customer data in the cloud. The reason for AT&T storing customer data in Snowflake remains unclear. AT&T joins a growing list of companies confirming data breaches from Snowflake in recent weeks. Snowflake attributed the data thefts to its customers for not using multi-factor authentication, a security feature it did not enforce or require.

Legal action

AT&T collaborates with law enforcement, one arrest made

AT&T is collaborating with law enforcement to apprehend the cybercriminals involved in the breach, and has confirmed that "at least one person has been apprehended." The individual arrested was not an AT&T employee. Further inquiries about the alleged criminals have been directed to the Federal Bureau of Investigation (FBI). AT&T claims that it does not believe the stolen data is publicly available at this time.