Hackers broke right into a cloud platform utilized by AT&T and accessed the telephone data of “practically all” of its mobile clients, AT&T introduced on Friday.
AT&T mentioned the stolen information incorporates telephone numbers of each mobile and landline clients, in addition to AT&T data of calls and textual content messages throughout a six-month interval between Might 1, 2022 and October 31, 2022.
AT&T mentioned a few of the stolen information contains newer data from January 2, 2023 for a smaller, unspecified variety of clients, in addition to name data of consumers with different mobile carriers that depend on AT&T’s community.
A number of the data embody cell web site identification numbers linked to calls and texts, which can be utilized to work out the approximate location of the place a name was made or message despatched.
The downloaded information does not embody the content material of any calls or texts, or their time stamps, in accordance with AT&T. It additionally does not have any particulars akin to Social Safety numbers, dates of start, or different personally identifiable data.
AT&T mentioned it realized of the information breach on April 19, and that it’s unrelated to an earlier safety incident in March. The corporate mentioned it doesn’t imagine the information is publicly out there at the moment, and it continues to work with legislation enforcement to establish and apprehend these concerned. At the very least one particular person is alleged to have been arrested.
AT&T informed TechCrunch that the newest compromise of buyer data had been stolen from the cloud information large Snowflake throughout a latest spate of information thefts concentrating on Snowflake’s clients. Different firms which have confirmed stolen information from Snowflake embody Ticketmaster, QuoteWizard, and others.
Cybersecurity researchers from incident response agency Mandiant say the hacker group is generally based mostly within the US and people concerned are financially motivated.
AT&T clients involved about phishing and smishing scams ought to go to the corporate’s help article, which additionally contains recommendation on tips on how to shield your self from on-line fraud.