AT&T recently disclosed a significant data breach in which a hacker managed to steal the call and text records of ‘nearly all’ of its customers. The telecommunications giant initiated an investigation after learning that a hacker had unlawfully accessed and copied AT&T call logs. This breach occurred through unauthorized access to an AT&T workspace on a third-party cloud platform, resulting in the exfiltration of files containing customer call and text interactions data.

The compromised data spans interactions that took place between May 1 and Oct. 31, 2022, affecting a vast majority of AT&T’s cellular customers, users of mobile virtual network operators on AT&T’s network, and AT&T’s landline customers who communicated with the cellular numbers. While a small number of customers were impacted on Jan. 2, 2023, AT&T clarified that the stolen information does not include any personal details like Social Security numbers or dates of birth.

Although the breached data does not contain the content of calls or messages, it does include records of telephone numbers involved in interactions, along with counts of these interactions and aggregate call durations for specific periods. AT&T emphasized that the hacker did not obtain any sensitive personal information beyond the call and text records.

In response to the breach, AT&T has launched an investigation and enlisted cybersecurity experts to assess the extent of the incident. The company has taken steps to secure the compromised access point and is working to mitigate any potential risks to affected customers. While one individual has been arrested in connection with the breach, AT&T remains vigilant in addressing the aftermath of the cyberattack.

AT&T reassured customers that the stolen data does not include their names, but cautioned that it may be possible to link specific telephone numbers to individuals through publicly available online tools. The company is committed to safeguarding customer information and has implemented measures to prevent future breaches.

The data breach highlights the ongoing challenges faced by corporations in protecting customer data from cyber threats. AT&T’s proactive response underscores the importance of robust cybersecurity measures in safeguarding sensitive information and maintaining customer trust in the digital age.