AT&T has revealed that a massive hack in 2022 compromised user data for nearly all its mobile phone customers, making it one of the most significant private communications data breaches in recent history.
The breach involved records of calls and texts from nearly all of AT&T's cellular customers, other customers using AT&T's wireless network, and AT&T's landline customers who interacted with those cellular numbers between May 1, 2022, and October 31, 2022. A small portion of data from early January 2023 was also affected. The company learned in April that hackers had successfully downloaded customer data from its third-party cloud service.
AT&T disclosed the breach in a regulatory filing and later provided a statement on the details. Notably, the hackers did not obtain the content of the calls or texts, personal information, or timestamps of the calls or texts. However, customer names, although not directly leaked, could be identified using other publicly available tools.
The hack was reported to the FBI shortly after it was discovered. Public disclosure was delayed twice due to potential national security risks or public safety threats. AT&T, the FBI, and the Justice Department worked together during this period, sharing key threat intelligence and bolstering the investigation.
The Federal Communications Commission (FCC) has announced an ongoing investigation into the AT&T breach, collaborating with other law enforcement partners. AT&T stated it is working with law enforcement and has taken steps to close off the illegal access point. The company also mentioned that at least one person has been apprehended regarding the breach.