AT&T has admitted that ‘tens of millions’ of customers were involved in a huge data breach that rocked the telecom titan back in 2022. Although the breach impacted AT&T cellphone customers, the company has since stated that the exposed data did not contain the contents of personal calls and messages, and shouldn’t be available to the public.
The customer data was downloaded from an AT&T workspace via a third-party cloud platform – all without authorization, of course. The data was made up of “nearly all” AT&T customers’ call and text records from May 1, 2022, to October 31, 2022, making it a textbook target for cybercriminals hoping to turn personally identifiable information into a profit via the dark web.
Unfortunately, the records also list the numbers that the affected AT&T customers called and texted, as well as the number of interactions and their durations.
AT&T’s statement also mentions that records from the January 2, 2023 data breach impacted a small number of customers.
As mentioned earlier, the contents of the leaked calls and texts aren’t included in the breached data. It also does not include call or text timestamps, sensitive information like Social Security numbers, or personal details like dates of birth. AT&T also pointed out that while the records don’t include customer names, either, there are plenty of legitimate ways for anyone to link a cellphone number to the name of the person using it.
What happens next?
AT&T has reassured customers that the affected access point has been secured – which is good news. The company has also teamed up with law enforcement to sniff out the cybercriminals behind the attack. In fact, one individual has already been caught out and “apprehended”
The company has also stated that it’ll be in touch with customers (past and present) to confirm that their data was involved in the leak. So, if you’ve been an AT&T client at any point since May 2022, you’ll want to keep an eye out for an email – just in case.
For anyone who is impacted by the AT&T breach (or for you privacy-oriented folks out there), there are a few things you can do to limit the damage to your overall digital security. Firstly, it’s well worth changing the password associated with your AT&T account – especially if you use it for other sites and apps. Then, I’d recommend checking out one of the best VPNs available today. A VPN keeps all of your personal data hidden away from prying eyes and nosy third parties, encrypting it as you go about your day-to-day browsing. Plus, our #1 rated VPN, NordVPN, even has handy Threat Protection tools that’ll zap pop-up ads and fight off phishing attempts.