In the AT&T hack, hackers have stolen six months’ worth of call and text message records of nearly all AT&T cellular network customers, the company announced on Friday.
According to an SEC filing, AT&T discovered through an internal investigation that in April, hackers “unlawfully accessed and copied AT&T call logs” stored on a third-party cloud platform.
The compromised data includes records of calls and texts between May 1 and October 31, 2022, and on January 2, 2023.
Although the content of the calls and messages was not compromised, and customers’ personal information was not accessed, the records did contain phone numbers. This breach highlights the significant cybersecurity challenges facing large corporations.
AT&T’s wireless network supports 127 million devices, as stated in the company’s 2023 annual report.
“While the data does not include customer names, it is often possible to find the name associated with a specific phone number using publicly available online tools,” the company explained in the SEC filing.
In response to the incident, AT&T has “implemented additional cybersecurity measures, including closing the point of unlawful access.” Affected customers will be notified, the company said.
The U.S. Justice Department mandated that AT&T publicly disclose the details of the hack on May 8 and June 5, but only after a certain delay.
AT&T is cooperating with law enforcement in efforts to apprehend the hackers.
“Based on available information, AT&T understands that at least one person has been apprehended,” the company noted, without providing further details.
How to overcome negative thinking patterns?
The company reassured customers that, as of Friday, “AT&T does not believe the data is publicly available.”
The filing also stated that the hack would not impact its operations or negatively affect its financial results.