Nearly all AT&T customer data downloaded to third-party after security breach

AT&T Security Breach Exposes Customer Data

In 2022, a significant security breach compromised the data of nearly all AT&T cellular customers, along with users of mobile virtual network operators (MVNO) utilizing AT&T’s wireless infrastructure and landline customers engaging with these cellular numbers. The compromised data spans from May 1, 2022, to October 31, 2022. AT&T has initiated a thorough investigation and employed cybersecurity experts to uncover the breadth and depth of this criminal activity.

Further investigations have revealed that the breach extended slightly to include records from January 2, 2023, albeit affecting a minimal number of customers. The compromised files primarily include records of telephone numbers interacted with by AT&T and MVNO cellular numbers within the specified periods. For a subset of these records, associated cell site identification numbers are also included. However, AT&T has assured that the data does not encompass the content of calls or texts, nor personal information such as Social Security numbers, birth dates, or other personally identifiable details.

Additionally, typical usage details, including timestamps of calls or texts, are absent from the compromised data. While customer names are not part of the breach, AT&T has acknowledged the potential for identifying individuals using publicly accessible online tools allied with specific telephone numbers.

Collaborating with law enforcement agencies, AT&T stresses its commitment to addressing this incident and reveals that at least one person has been apprehended in connection with the breach. The company continues to work diligently to safeguard its customers' data and prevent future security lapses.