Expand / Collapse search

AT&T hack: ‘Nearly all' customers' call, text records exposed in data breach

By Kelly Hayes
Updated  July 12, 2024 7:14am CDT
Consumer
Fox TV Stations
FILE - In this photo illustration, an AT&T logo is seen displayed on a smartphone. (Photo Illustration by Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images) article

FILE - In this photo illustration, an AT&T logo is seen displayed on a smartphone. (Photo Illustration by Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)

DALLAS - AT&T revealed on Friday that "nearly all" of its customers’ call and text message records were exposed in a massive data breach

In April, the telecommunications giant said it learned that "threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform" and stole files containing customer call and text records that occurred mostly during a period in 2022. 

Here's what to know:  

AT&T hack: What happened

AT&T said the compromised data includes the telephone numbers of "nearly all" of its wireless customers and customers of mobile virtual network operators that used its network between May 1 and October 31, 2022.

It also includes records from Jan. 2, 2023, "for a very small number of customers," according to the company. 

The compromised data includes "counts of those interactions, and aggregate call duration for a day or month," the company said.

The data breach does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information, according to AT&T.

While the company confirmed the data does not include customer names, it noted that "there are often ways, using publicly available online tools, to find the name associated with a specific telephone number."

Ransomware attacks, explained

Ransomware is an ever-evolving form of malware that scrambles a victim organization’s data with encryption, then criminals demand a ransom in exchange for software decryption keys.

What AT&T is saying

An AT&T spokesperson told FOX Television Stations that the hack took place "outside of our network" and that the company's systems were not breached. It also stressed that the stolen information was aggregated metadata, and not the content of calls or texts, Social Security numbers, nor credit card information.

AT&T said it has taken additional cybersecurity measures in response to the breach, including "closing off the point of unlawful access." 

It's also providing notice to its current and former impacted customers – and is working with law enforcement to arrest those involved in the incident. 

"We understand that at least one person has been apprehended," the company said.

This story was reported from Cincinnati.