The telecommunications giant AT&T disclosed on Friday that the data of nearly all its customers was downloaded to a third-party platform during a security breach in 2022. This breach affected AT&T’s cellular customers, customers of mobile virtual network operators using AT&T’s wireless network, and its landline customers who interacted with those cellular numbers.
An investigation by the company found that the compromised data includes files containing AT&T records of calls and texts between May 1, 2022, and Oct. 31, 2022. AT&T has over 100 million customers in the U.S. and almost 2.5 million business accounts.
AT&T stated that it has initiated an investigation and enlisted cybersecurity experts to determine the nature and extent of the criminal activity. The data does not contain personal information such as Social Security numbers or dates of birth.
The compromised data also does not include customer names but may be identifiable through publicly available tools. AT&T clarified that it does not believe the data is publicly accessible at this time.
Additionally, the compromised data includes records from Jan. 2, 2023, for a small number of customers, identifying telephone numbers and interaction details. The company is cooperating with law enforcement, and at least one individual has been apprehended in connection with the breach.
This incident adds to a series of major data breaches this year, including a previous attack on AT&T in March. The company had reset passcodes for affected users and communicated with those whose sensitive personal information was compromised.
Other notable cyberattacks this year include disruptions at car dealerships in North America due to cyberattacks on CDK Global and a hacking attempt at the Alabama State Department of Education.
Following the disclosure, AT&T Inc.’s stock fell over 2% before the markets opened on Friday.
Copyright 2024 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
