Hackers obtained the data including Social Security numbers of "nearly all" AT&T customers were posted on the dark web earlier this month in one of the largest data breaches in U.S. history. The telecommunications giant said that call and text records of around 110 million wireless customers were accessed over a five-month period in 2022.
This breach led to a "robust investigation supported by internal and external cybersecurity experts," the company said. AT&T indicated that the compromised data appears to be between May and October 2022 and included information of millions of customers. AT&T became aware of the breach in April and is now notifying both current and former customers.
One of the Largest Breaches in US History
Although the exposed data did not include customer names, the company noted that there are 'publicly available online tools' that can link phone numbers to people's identities. The breaches data primarily included email and mailing addresses, phone numbers, Social Security number, dates of birth, AT&T account numbers and passcodes.
AT&T acknowledged it became aware of the breach in April and is now notifying both current and former customers affected by the incident.
The exposed data was unlawfully obtained from a workspace hosted on the third-party cloud platform Snowflake. Law enforcement authorities are conducting an investigation, resulting in the arrest of one individual thus far.
The compromised data encompassed records of calls and texts exchanged between May and October 2022. AT&T clarified that the content of these communications, as well as personal details such as social security numbers, were not accessed.
However, the company said that the compromised information was sufficient to identify the geographical locations of multiple individuals. Additionally, records from January 2, 2023, for a limited number of customers were also compromised.
AT&T landline customers who communicated with AT&T mobile users during this period were also impacted by the breach.
A Lot Stolen
Some of the stolen records contained one or more cell site identification numbers, which are unique identifiers associated with specific cell towers and related to location. "At this time, we do not believe that the data is publicly available," AT&T shared in the Friday announcement.
According to Bloomberg, if the data were to be exposed, it would disclose communication records of prominent people such as politicians, executives, activists, journalists, and their sources.
AT&T said that it has implemented additional cybersecurity measures, including securing the point of unauthorized access.
The company also said that the incident did not significantly impact AT&T's operations.
However, AT&T's stock fell by 2.7 percent in pre-market trading on Friday after confirming the breach.
The revelation of the 2022 breach follows AT&T's acknowledgment in March of another data breach from 2019 or earlier, affecting over 73 million users.