Last Updated on October 9, 2024
[Update: October 9, 2024]
AT&T recently agreed to pay $13 million to settle an investigation regarding a data breach of a cloud vendor in January 2023, which affected 8.9 million AT&T wireless customers, according to the Federal Communications Commission (FCC). The FCC stated that the fine resolves its inquiry into whether AT&T adequately protected customer information. As part of the agreement, AT&T will enhance its data governance practices to improve supply chain integrity in managing sensitive data, aiming to safeguard consumers against similar breaches in the future. The FCC is currently investigating the much larger data breach below.
[Update: July 29, 2024]
It has been reported that AT&T paid a hacker approximately $370,000 to delete some of the customer data. AT&T negotiated through an intermediary named Reddington, who acted on behalf of a member of the ShinyHunters hacking group. Initially, the hacker demanded $1 million, but AT&T managed to negotiate the amount down and paid $370,000 in bitcoin. The hacker then provided a video to demonstrate the data’s deletion.
Reddington, who also received payment for his role in the negotiations, believes that the only complete copy of the data was deleted after AT&T paid the ransom. However, he acknowledged that excerpts of the data might still be circulating. Stay tuned for more updates!
[Update: July 15, 2024]
Back in April we reported on the huge AT&T data breach that affected up to 73 million current and former customers. Just three months later, the telecommunications giant and its customers have further cause for dismay. AT&T has confirmed a significant data breach impacting tens of millions of its customers. On Friday, the company announced that cybercriminals had accessed the phone records of “nearly all” its customers. This information includes both cellular and landline numbers, along with call and text message records spanning six months from May 1, 2022, to October 31, 2022.
AT&T Data Breach: What Happened?
The compromised data includes phone numbers, call and text message records, interaction details, and call durations. However, AT&T emphasized that the content of the calls and texts, as well as the exact timestamps, were not part of the stolen data. Some records also included cell site identification numbers, which can identify the location of calls and texts.
In total, around 110 million AT&T customers will be notified about the breach. The affected data also extends to customers of other cell carriers using AT&T’s network. Additionally, a smaller, unspecified number of records from January 2, 2023, were also involved.
Connection to Snowflake
AT&T discovered the breach on April 19. The breach was traced back to Snowflake, a cloud data platform used by many companies for large-scale data analysis. Snowflake recently faced a series of data thefts targeting its customers, including Ticketmaster. Snowflake attributed these breaches to its customers not utilizing multi-factor authentication.
AT&T Response
AT&T has launched a website to provide affected customers with information regarding the incident and has disclosed the breach in a regulatory filing. The Federal Communications Commission (FCC) is investigating the breach and coordinating with law enforcement. AT&T reassured the public that the exposed data is not publicly available, and has expressed regret over the incident, reaffirming its commitment to safeguarding customer information.
Impact and Safety Measures
The breach has exposed the phone records of tens of millions of AT&T customers, including those of other carriers using AT&T’s network. Despite the data not containing Social Security numbers, birth dates, or customer names, publicly available tools can often link names to specific phone numbers.
AT&T will notify both current and former customers affected by the breach and provide resources to help them protect their information. Although specific timestamps of calls and texts were not compromised, the number of interactions and total call durations for certain periods were exposed. This data could reveal interaction patterns between phone numbers over specific days or months.
AT&T believes that at least one person involved in the breach is in custody, as noted in a filing with the Securities and Exchange Commission. The FBI has not commented on this claim.
Investigations remain ongoing. In the meantime, be sure to:
- Change your passwords. Make sure your passwords are strong and not easily discovered. Trend Micro ID Protection can help you create strong passwords and offers a password manager as part of the service.
- Turn on multi-factor or two-factor authentication for all your accounts. Not sure how to get started? Here are some tips.
- Stay alert. When big data breaches occur, it usually coincides with increased cybercriminal activity. Be on the lookout for an increase in phishing attacks. When in doubt, don’t click links or reply!
Protect Your Privacy and Identity
Compromised personal data can have serious consequences, including identity theft and financial fraud. We would encourage readers to head over to our ID Protection portal, which has been designed to meet these challenges.
With ID Protection, you can:
- Check to see if your data (email, number, password, credit card) has been exposed in a leak, or is up for grabs on the dark web;
- Secure your social media accounts with our Social Media Account Monitoring tool, with which you’ll receive a personalized report;
- Create the strongest tough-to-hack password suggestions from our advanced AI (they’ll be safely stored in your Vault);
- Enjoy a safer browsing experience, as Trend Micro checks websites and prevents trackers.
- Receive comprehensive remediation and insurance services, with 24/7 support.
Why not give it a go today? As always, we hope this article has been an interesting and/or useful read. If so, please do SHARE it with family and friends to help keep the online community secure and informed — and consider leaving a like or comment below.