An AT&T spokesperson disclosed that the recent theft of customer records was part of a wave of data theft attacks targeting Snowflake customers. The telecom giant revealed on Friday that the breach exposed records of phone and text messages for nearly all customers.
The breach, which does not impact the content of the messages, affects records from a seven-month period in 2022, from May 1 to October 31. AT&T, which serves over 100 million customers, stated that the data was illegally downloaded from their workspace on a third-party cloud platform.
The compromised data includes AT&T records of calls and texts for nearly all of AT&T’s cellular customers, MVNO customers using AT&T’s wireless network, and AT&T landline customers who interacted with those cellular numbers during the specified period. The records identify the telephone numbers interacted with and, for a subset, include one or more cell site identification numbers.
However, the data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. It also does not include typical usage details like timestamps of calls or texts. The breach also includes records from January 2, 2023, for a small number of customers.
AT&T has taken steps to close off the illegal access point and reported that at least one person has been apprehended in connection with the incident.
For more information, visit our website.
Stay safe and vigilant.
