Call Records and Text From Nearly All Customers Were Hacked Through A Cloud Service: AT&T Confirms
Back in 2019, customer records of about 70 million current and former AT&T customers were leaked. Customer names, home addresses, phone numbers, date of birth, and security numbers were part of the leaked data. This data leak was acknowledged by AT&T this year in March.
Now in an SEC filing, the company revealed that through an internal investigation it has learned that in April, hackers unlawfully accessed and copied AT&T call logs that were saved on a third-party cloud platform. These AT&T records of customer call and text interactions are said to occurred between May and October 31, 2022, as well as on January 2, 2023.
As per the current analysis, data includes, for these periods, records of calls and texts of nearly all of AT&T’s wireless customers and customers of mobile virtual network operators using AT&T’s wireless network. The company said, “While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.” Though for now the data hacked has not been made publicly available reports assert that the data stolen at this scale has the potential to be a major national security threat as well as a problem for businesses and individuals.
The company has mentioned that they are working with law enforcement in its efforts to arrest those involved in the incident. While according to AT&T, at least one person involved has been arrested.
Apart from this, AT&T has also taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access. The company will also be providing notice to its current and former impacted customers.