AT&T has revealed that a security breach on a third-party cloud platform resulted in the exposure of call and text records for nearly all its cellular customers. The incident was part of a larger attack affecting multiple companies using Snowflake’s AI data cloud, which was infiltrated by hackers using information-stealing malware. AT&T confirmed the scope of the breach in a statement.
The exposed data includes phone numbers contacted by AT&T subscribers, but not names or the content of the communications. However, there are ways, using public tools, to associate phone numbers with specific individuals. The breach also encompasses records from mobile virtual network operators (MVNOs) utilizing AT&T’s network, as well as landline customers who interacted with the compromised cellular numbers.
AT&T announced that it has taken steps to close the point of unlawful access and is collaborating with law enforcement. At least one person involved has been apprehended, according to AT&T’s announcement. The breach did not involve Social Security numbers, dates of birth, or other personally identifiable information.
The Federal Bureau of Investigation (FBI) and Federal Communications Commission (FCC) are both involved in the ongoing investigation, with the FBI initially delaying public reporting due to potential risks to national security and public safety. More information on the data associated with the breach and how to request it is available on this page.
AT&T clarified that this incident is separate from another breach revealed earlier this year that affected 73 million current and former subscribers.