Massive AT&T Cell Phone and Text Data Breach: Should You Be Worried?
If you are an AT&T wireless customer or had a phone conversation or texted with someone who is, should you be worried about the massive breach exposing nearly all the records of their conversations?
The data breach involved wireless calls and text messages over a six-month period of 2022. It also includes records if an AT&T landline customer interacted with any of the 110 million AT&T wireless subscribers during the breach.
Furthermore, the Department of Justice and FBI were both notified in May but decided to delay public disclosure while they investigated.
“In assessing the nature of the breach, all parties discussed a potential delay to public reporting… due to potential risks to national security and/or public safety,” --FBI statement
Sounds pretty worrisome.
Fast forward to last week's announcement when AT&T disclosed on Friday of the July 4th weekend when most people were enjoying a long holiday weekend that the records of calls and text messages of tens of millions of AT&T cellphone customers and non-AT&T customers were exposed in a data breach.
The compromised data includes telephone numbers of nearly every AT&T cellular customer and customers of wireless providers that used AT&T's network between May 1, 2022 and October 31, 2022.
The company says the breach was traced to an “illegal download” on a third-party cloud platform that it learned about in April as it was dealing with another blow, the leak of 73 million current or former customer's data onto the dark web.
What is the extent of the 2022 AT&T breach?
The stolen data contains a record of every number AT&T wireless customers called or texted and the length of the call.
A small number of records from January 2, 2023, were also implicated, according to AT&T.
The stolen data DID NOT include the contents of calls and text messages nor the time of those communications.
Personal information such as Social Security numbers, dates of birth, or customer names were not exposed according to AT&T, however tools can easily link names with specific phone numbers. The company said cell site identification numbers were also exposed and the data could reveal the general locations of the callers.
AT&T announced it will notify current and former customers whose information was involved and provide them resources to protect their information.
11 Step Checklist to Safeguard Your Business From Cyber Security Threats
Gallery Credit: Conor Walsh