Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Independent UK
The Independent UK
National
Josh Marcus

Hold the phone: AT&T reveals hack stole data of ‘nearly all’ customers in 2022

Getty Images

Support truly
independent journalism

A cyber attack on telecommunications giant AT&T obtained data on “nearly all” of its more than 100m cellphone subscribers.

“We have taken steps to close off the illegal access point,” the company said in a statement on Friday. “We are working with law enforcement in its efforts to arrest those involved in the incident. We understand that at least one person has been apprehended.”

The breach compromised files containing records of calls and texts, mostly between May and October of 2022, identifying telephone numbers customers interacted with, without capturing the content of those interactions or sensitive identification information like Social Security numbers or passwords, according to the company.

The company became aware of the attack in April and reported it to federal officials shortly after, according to the Department of Justice, which said the hack wasn’t initially publicly disclosed to protect the ongoing investigation.

“The most likely beneficiary of this specific data are foreign nation states or foreign actors,” Chris Pierson, chief executive of the cybersecurity company BlackCloak, told The New York Times, describing how the phone data could be used to ascertain the communications network of high-value individuals like national security personnel.

The compromised data was stored by cloud computing company Snowflake, according to The Wall Street Journal, and AT&T has described the hack as information being “illegally downloaded from our workspace on a third-party cloud platform.”

“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” Snowflake’s chief information security officer told Fast Company.

In March, AT&T disclosed that it found a dataset on the “dark web” that contained identifying information like Social Security numbers for about 7.6 million current customers and 65.4 million former ones.

The company will notify those impacted by the recent breach, and customers can request the company send them phone numbers that were accessed using their records.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.