In April, AT&T discovered that customer data was illegally downloaded from our workspace on a third-party cloud platform. We immediately launched an investigation and engaged top cybersecurity experts to understand the nature and scope of the criminal activity. Measures have been taken to close off the illegal access point, and we are working with law enforcement, which has already apprehended at least one individual involved.
Our investigation revealed that the compromised data includes files containing AT&T records of calls and texts from nearly all of AT&T’s cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network, and AT&T’s landline customers who interacted with those cellular numbers between May 1, 2022, and October 31, 2022. Additionally, records from January 2, 2023, for a very small number of customers, were also compromised. These records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For some records, one or more cell site identification numbers associated with the interactions are included.
The compromised data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. It also does not include some typical information you see in your usage details, such as the time stamp of calls or texts. While the data does not include customer names, there are ways to potentially identify individuals using publicly available online tools associated with specific telephone numbers.
At this time, we do not believe the data is publicly available.
Our top priority is our customers. We will notify current and former customers whose information was involved and provide resources to help protect their information. We sincerely regret this incident and remain committed to safeguarding the information in our care.