Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Hold the phone: AT&T reveals hack stole data of ‘nearly all’ customers in 2022

Company says it doesn’t believe data of 100 million users is publicly available

Josh Marcus
San Francisco
Friday 12 July 2024 17:32 EDT
Comments
AT&T data breach affected nearly every customer

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A cyber attack on telecommunications giant AT&T obtained data on “nearly all” of its more than 100m cellphone subscribers.

“We have taken steps to close off the illegal access point,” the company said in a statement on Friday. “We are working with law enforcement in its efforts to arrest those involved in the incident. We understand that at least one person has been apprehended.”

The breach compromised files containing records of calls and texts, mostly between May and October of 2022, identifying telephone numbers customers interacted with, without capturing the content of those interactions or sensitive identification information like Social Security numbers or passwords, according to the company.

The company became aware of the attack in April and reported it to federal officials shortly after, according to the Department of Justice, which said the hack wasn’t initially publicly disclosed to protect the ongoing investigation.

“The most likely beneficiary of this specific data are foreign nation states or foreign actors,” Chris Pierson, chief executive of the cybersecurity company BlackCloak, told The New York Times, describing how the phone data could be used to ascertain the communications network of high-value individuals like national security personnel.

The compromised data was stored by cloud computing company Snowflake, according to The Wall Street Journal, and AT&T has described the hack as information being “illegally downloaded from our workspace on a third-party cloud platform.”

“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” Snowflake’s chief information security officer told Fast Company.

In March, AT&T disclosed that it found a dataset on the “dark web” that contained identifying information like Social Security numbers for about 7.6 million current customers and 65.4 million former ones.

The company will notify those impacted by the recent breach, and customers can request the company send them phone numbers that were accessed using their records.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in