Cybersecurity

Phone, text records from ‘nearly all' AT&T customers were hacked. Here's what to know

AT&T has more than 100 million customers in the U.S. and almost 2.5 million business accounts

A visitor walks past US multinational telecommunications AT&T logo at the Mobile World Congress (MWC), the telecom industry’s biggest annual gathering, in Barcelona on February 27, 2023. (Photo by Pau BARRENA / AFP) (Photo by PAU BARRENA/AFP via Getty Images)

A 2022 security breach compromised the data of "nearly all" AT&T cellular network customers, with hackers stealing six months worth of call and text message records, the company said Friday.

The breach also impacts AT&T landline customers that interacted with affected cellular numbers, the company said.

According to NBC News, the company said in an SEC filing that it learned from an internal investigation that in April, hackers "unlawfully accessed and copied AT&T call logs" that were saved on a third-party cloud platform.

The investigation revealed that compromised data included phone and text message records of "nearly all" AT&T customers from May 1, 2022 to Oct. 31, 2022, as well as Jan. 2, 2023.

“The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information,” AT&T said Friday.

The compromised data also doesn’t include some information typically seen in usage details, such as the time stamp of calls or texts, the company said. The data doesn’t include customer names, but AT&T said that there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.

AT&T said that it currently doesn’t believe that the data is publicly available.

AT&T also said it has "taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access," according to NBC News.

AT&T added that it is assisting law enforcement in efforts to arrest the hackers. "Based on information available to AT&T, it understands that at least one person has been apprehended," the company said.

If you're an AT&T customer, here's what to know.

How to know if you were impacted by the hack

Customers affected by the hack will be contacted by text, email or U.S. mail, the company said. Those with active AT&T accounts can also check their accounts online.

Prior customers who had service at some point between May 2022 and Nov. 22 will receive a notification with an account and case number if they were affected.

How to protect from online fraud following the hack

AT&T is offering the following tips for those impacted by the hack, as they now may be susceptible to online fraud attempts like phishing:

  • Only open text messages from people that you know and trust.
  • Don’t reply to a text from an unknown sender with personal details.
  • Go directly to a company’s website. Don’t use links included in a text message. Scammers can build fake websites using forged company logos, signatures, and styles.
  • Make sure a website is secure by looking for the “s” after the http in the address. You can also look for a lock icon at the bottom of a webpage.

If you suspect you are a target of fraud on your AT&T wireless number, AT&T asks that you report it to the Fraud team.

The compromised data also includes records from Jan. 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included.

The company continues to cooperate with law enforcement on the incident and that it understands that at least one person has been apprehended so far.

Shares of AT&T Inc., based in Dallas, fell more than 2% before the markets opened on Friday.

Exit mobile version