AT&T announced in an SEC filing that hackers unlawfully accessed and copied six months' worth of mobile phone customer data from a third-party cloud platform, Snowflake Inc. The breach occurred between April 14 and April 25, 2024, and also on January 2, 2023. This incident exposed records of calls and text interactions for nearly all of AT&T's wireless customers.
The stolen data includes telephone numbers with which AT&T or MVNO wireless numbers interacted, interaction counts, and aggregate call durations, with a subset also containing cell site identification numbers. Importantly, the content of calls or texts, personal information such as Social Security numbers, or dates of birth were not exposed. AT&T has closed the point of unlawful access and is working with law enforcement, with at least one apprehension made.
The U.S. Department of Justice had previously requested a delay in public disclosure, which AT&T complied with. The Federal Communications Commission is also investigating the incident. AT&T will provide notice to its current and former impacted customers, emphasizing its commitment to data security.
The content on BeyondSPX is for informational purposes only and should not be construed as financial or investment advice. We are not financial advisors. Consult with a qualified professional before making any investment decisions. Any actions you take based on information from this site are solely at your own risk.