AT&T Inc. has reported a significant breach involving customer data, including records of calls and texts for nearly all of its mobile-phone users over a six-month period in 2022. The incident is separate from another breach reported earlier this year. According to a recent regulatory filing, the breach, which had not been previously disclosed, also affected records from customers of other wireless service providers using AT&T’s network between May 1, 2022, and October 31, 2022.
The data was reportedly accessed and downloaded from the Snowflake cloud platform. While the compromised data includes records of calls and texts, it does not include the actual content of these communications. AT&T stated they became aware of the breach in April.
This breach is one of the largest involving private communications data in recent memory, raising significant concerns about data security and privacy for millions of users. Legal professionals and corporate entities using similar cloud services should view this as a critical reminder to scrutinize their data protection protocols.