Bad actors have breached a cloud platform used by AT&T and have accessed the phone records of “nearly all” AT&T customers, the telecommunications giant announced on Friday.
The stolen data includes the phone numbers of both cellular and landline AT&T customers, along with records of calls and text messages covering a six-month period between May 1, 2022 and October 31, 2022.
The stolen data also includes more recent records from January 2, 2023 for a smaller, unspecified number of customers, as well as call records of customers with other cellular carriers that rely on AT&T’s network. Some of the records also include cell site identification information for calls and texts, which could be used to determine the approximate location where a call was made or a text message was sent.
The purloined data does not include any call or text content or time stamps, according to AT&T. Information such as Social Security numbers, dates of birth, or other personally identifiable information was also not included in the breach.
AT&T said it learned of the data breach on April 19, and that it is unrelated to an earlier security incident in March. The company said it does not believe the data is available to the public at this time, and it is working with law enforcement to identify and apprehend those involved. At least one bad actor is under arrest.
TechCrunch reports that the records were stolen from cloud giant SOnwflake during a recent rash of data thefts targeting the
AT&T told TechCrunch that the most recent compromise of customer records was stolen from the cloud data giant Snowflake during a recent spate of data thefts targeting the cloud data platform’s customers. Several other companies have confirmed they have had data stolen from Snowflake, including Ticketmaster, QuoteWizard, and others.
AT&T customers are encouraged to read the company’s support article.