AT&T Cyberattack Impacts Call, Text Data of Wireless Customers

A cyberattack has put the call and text data of nearly all AT&T wireless customers and those of its mobile virtual network operators at risk.

In an SEC filing, AT&T said it learned on April 19 that a threat actor claimed to have accessed and copied AT&T call logs. The company said they believe they accessed an AT&T workspace on a third-party cloud platform between April 14 and April 25. During that time, they stole files containing customer call and text records that occurred between May 1 and Oct. 31, 2022, as well as data from Jan. 2, 2023, according to the company.

“Current analysis indicates that the data includes, for these periods of time, records of calls and texts of nearly all of AT&T’s wireless customers and customers of mobile virtual network operators (“MVNO”) using AT&T’s wireless network,” the filing states. 

AT&T said the data does not include the content of calls or texts or any personal information including Social Security numbers, birthdates or other personally identifiable information.

The company said the data includes records of calls and texts from “nearly all of AT&T’s wireless customers and customers of mobile virtual network operators using AT&T’s wireless network.” The data does identify the telephone numbers interacted with during those periods, number of interactions and call duration. 

Related:AT&T Data Breach Impacts 73 Million

“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” the company said. 

AT&T said it closed off the point of access, following the breach and that the company would be notifying current and former impacted customers.

Earlier this year, more than 70 million current and former AT&T customers were impacted by a data breach when the personal data of 7.6 million current account holders and 65.4 million former account holders was released as part of a data set on the dark web.