Massive Data Breach at AT&T: What Customers Need to Know
July 12, 2024 • César Daniel Barreto
On July 12, AT&T publicly announced that unauthorized actors accessed customer data on a third-party cloud platform. AT&T has provided some recommendations and links to resources to help protect your personal information if you were impacted. The Cybersecurity and Infrastructure Security Agency (CISA) also encourages Customers to read the AT&T article for more information and mitigation guidance.
What Happened
AT&T found out that its customer data had been illegally downloaded from its workspace on one of the third-party cloud platforms. On learning about the breach, AT&T launched an investigation and involved top cybersecurity experts to determine the extent of the problem.
The access point was already secured. It was determined that the breach involved phone call and text message records and that the breach involved phone call and text message records of nearly all AT&T cellular customers from May 1, 2022, to October 31, 2022, as well as on January 2, 2023. The records include phone numbers to which calls were placed or from which AT&T wireless numbers made them but also include AT&T landline customers.
Some records go further to include cell site ID numbers associated with the interactions. While this does not involve the substance of the calls or texts, timestamps, Social Security numbers, dates of birth, and other personally identifiable information may still be connected to the name through publicly available tools.
Data Involved
Data points that are included include an intermix of phone numbers that interacted with the AT&T numbers, the counts of calls or texts, and total call durations. Data points not included are the content of the calls or texts, timestamps, Social Security numbers, date of birth, and other personally identifiable information. AT&T says it does not think the data is public and handed over the details to law enforcement authorities who have arrested at least one individual so far.
AT&T’s Response
Protection of customer data is critical to AT&T. They have isolated the concerned access point and are continuously accessing and upgrading their security measures to keep pace with the ever-evolving cyber security threats. Change to “AT&T is dedicated to keeping a safe operating environment by investing in the security of their network with resources such as personnel, capital, and innovative technology advancements.
Recommendations for Customers
Only open text messages from known and trusted sources to help protect yourself from phishing, smishing, and other online fraud. Do not respond to texts from unknown senders requesting personal information. Go directly to company websites and not through links provided in text messages. Check that the website is secure by ensuring the address has “https” and includes the lock icon. Visit AT&T’s website. CyberAware also provides tips and information to help educate customers on fraud and cyber threats.
How to Check if Your Data Was Impacted
AT&T will notify affected customers by text, email or U.S. mail. Customers can also sign in to their account online to see if they are affected. Consumers: Sign in to your myAT&T account. FirstNet® Agencies and Individual Subscribers: Sign in to your account. Businesses: Sign in to your myAT&T or Premier account.
How to Report Suspicious Activity
Suspicious text activity: Don’t respond. Forward the text to AT&T for help. There is no charge to forward a text, and it won’t count toward your text plan. Fraud on your AT&T wireless number: Submit it to the ATT’s Fraud team. For fraud on another account, call customer service no. on your bill.
For Liberty Customers
This incident was when liberty customers were on ATT’s network. So ATT can assist with questions, if there are any, about this breach.
Requesting Your Data
To get the exact phone numbers of the calls and texts that were involved in the breach: Current Customers: Submit a request through AT&T’s online process, which is available through December 2024. Former Customers: If you are affected, AT&T will contact you and provide you with an account number and a case number you may submit in order to make your request. For instructions on how to submit the request, or if you have a business account, please come back to this site on July 19, 2024.
The Complete Notice
Customers with further questions may contact AT&T at 800.852.4346.
Note:
AT&T’s quick response to this data breach and their transparency regarding what happened further demonstrate security considerations in relation to the customer. Following the recommended steps below and guarding against risks will put customers in a much better position for personal information protection. Details can be found in the following official AT&T post about the breach.
César Daniel Barreto
César Daniel Barreto is an esteemed cybersecurity writer and expert, known for his in-depth knowledge and ability to simplify complex cyber security topics. With extensive experience in network security and data protection, he regularly contributes insightful articles and analysis on the latest cybersecurity trends, educating both professionals and the public.