ATT Phone Records Stolen Data Breach
ATT Phone Records Stolen Data Breach
AT&T Data Breach: Phone Records of ‘Nearly All’ Customers Stolen
AT&T has confirmed a significant data breach, impacting millions of its customers. Cybercriminals have stolen phone records, including phone numbers, call and text records, and location-related data.
Details of the AT&T Data Breach
On July 12, 2024, AT&T confirmed the breach and announced that it would notify approximately 110 million customers. The stolen data includes phone numbers for both cellular and landline customers, as well as records of calls and text messages from a six-month period between May 1, 2022, and October 31, 2022. Additionally, some records from January 2, 2023, were also compromised.
Although the breach did not expose the content of calls or texts, it included metadata such as who contacted whom, the total count of calls and texts, and call durations. The data also contains cell site identification numbers, which can approximate the location of calls and texts.
Key Details of the AT&T Data Breach
AT&T announced that the stolen data includes phone numbers for both cellular and landline customers, as well as records of calls and text messages made between May 1, 2022, and October 31, 2022. A smaller portion of the stolen data also includes records from January 2, 2023.
The stolen data does not include the content of the calls or texts but does encompass metadata such as who contacted whom, the total number of calls and texts, and the duration of these calls. Some records even include cell site identification numbers, which can approximate the location of where a call was made or a text was sent.
Connection to Snowflake Data Breaches
The breach is part of a wider security issue involving Snowflake, a cloud data platform used by various companies, including AT&T. Snowflake’s customers were targeted in recent cyberattacks, and AT&T was one of the victims. Other companies affected include Ticketmaster and LendingTree subsidiary QuoteWizard. Snowflake attributed these breaches to customers not utilizing multi-factor authentication, a security feature not enforced by the platform.
Impact and Response
AT&T plans to notify around 110 million customers about the breach. The breach also affected customers of other cell carriers using AT&T’s network.
The data breach has been linked to a recent spate of thefts targeting Snowflake, a cloud data giant. AT&T is among several companies, including Ticketmaster and QuoteWizard, affected by these thefts. Snowflake attributed the breaches to customers not using multi-factor authentication, a security feature it did not enforce.
Preventive Measures and Customer Support
AT&T has created a dedicated website to provide information about the data incident and offer guidance on how customers can protect their personal information. The company is also advising customers to monitor their accounts for any unusual activity and consider using additional security measures, such as multi-factor authentication.
The Cybercriminal Group
The cybercriminal group responsible for the breach, tracked as UNC5537, is believed to be financially motivated with members in North America and at least one member in Turkey. Some stolen data from other victims has been published on cybercrime forums. However, AT&T believes its stolen data is not yet publicly available.
The stolen data includes phone numbers, records of calls and text messages, cell site identification numbers, and metadata, but not the content of the calls or texts.
Approximately 110 million AT&T customers were affected by the data breach.
The breach was linked to a compromise at Snowflake, a cloud data storage provider, where customer accounts were not secured with multi-factor authentication.
No, the stolen data includes metadata such as who contacted whom, call durations, and cell site identification numbers, but not the actual content of calls or texts.
AT&T is notifying affected customers and working with law enforcement to apprehend the cybercriminals involved. One individual has already been apprehended.
For more information on the AT&T data breach and steps to protect your data, visit AT&T’s official website.
