The data of nearly all customers of the telecommunications giant AT&T was downloaded to a third-party platform in a security breach, the company has said, as cyberattacks against businesses, schools and health systems continue to spread globally.
The breach, which was announced by the company on Friday, took place largely over five months in 2022. It hit customers of AT&T’s mobile customers, customers of mobile virtual network operators using AT&T’s wireless network, as well as its landline customers who interacted with those cellular numbers.
Approximately 109 million customer accounts were affected, according to AT&T, which said that it currently does not believe that the data is publicly available.
“The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information,” AT&T said Friday.
The compromised data also does not include some information typically seen in usage details, such as the time stamp of calls or texts, the company said, or customer names. AT&T, however, said that there are often ways using publicly available online tools to find the name associated with a specific telephone number.
Cybersecurity experts concurred, saying that such data can be used to trace users.
“While the information that was exposed doesn’t directly have sensitive information, it can be used to piece together events and who may be calling who. This could impact people’s private lives as private calls and connections could be exposed,” Thomas Richards, principal consultant at Synopsys Software Integrity Group, said in an emailed statement. “The business phone numbers will be easy to identify and private numbers can be matched to names with public record searches.”
An internal investigation determined that compromised data includes AT&T records of calls and texts between May 1, 2022 and October 31, 2022.
AT&T identified the third-party platform as Snowflake and said that the incident was limited to an AT&T workspace on that cloud company’s platform and did not affect its network.
United Arab Emirates Dirham Exchange Rate
