AT&T has filed a Form 8-K with the US Securities and Exchange Commission outlining a significant breach which disclosed all text and call logs of customers from April to May 2022. The announcement reads below:."On April 19, 2024, AT&T Inc. ("AT&T") learned that a threat actor claimed to have unlawfully accessed and copied AT&T call logs…Based on its investigation, AT&T believes that threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated files containing AT&T records of customer call and text interactions that occurred between approximately May 1 and October 31, 2022, as well as on January 2, 2023…".The disclosure also claims that the content of the calls, texts, and personal information (SSN, DoB, etc.) were not disclosed. However, since the phone numbers of the victims and their cell site identification numbers were stolen, publicly available information can easily link victims to their names. This breach extends to landline customers that interacted with cell numbers.
AT&T has filed a Form 8-K with the US Securities and Exchange Commission outlining a significant breach which disclosed all text and call logs of customers from April to May 2022. The announcement reads below:."On April 19, 2024, AT&T Inc. ("AT&T") learned that a threat actor claimed to have unlawfully accessed and copied AT&T call logs…Based on its investigation, AT&T believes that threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated files containing AT&T records of customer call and text interactions that occurred between approximately May 1 and October 31, 2022, as well as on January 2, 2023…".The disclosure also claims that the content of the calls, texts, and personal information (SSN, DoB, etc.) were not disclosed. However, since the phone numbers of the victims and their cell site identification numbers were stolen, publicly available information can easily link victims to their names. This breach extends to landline customers that interacted with cell numbers.