Current:Home > MarketsAT&T says hackers accessed records of calls and texts for nearly all its cellular customers -Summit Capital Strategies
AT&T says hackers accessed records of calls and texts for nearly all its cellular customers
View
Date:2025-04-18 02:10:41
AT&T on Friday disclosed that hackers had accessed records of calls and texts of "nearly all" its cellular customers for a six-month period between May 1, 2022 to Oct. 31, 2022.
In its statement, AT&T said the compromised data doesn't include the content of the calls or texts, or personal information such as Social Security numbers, birth dates or other personally identifiable information.
The hack also includes records from Jan. 2, 2023 for a "very small number of customers," AT&T said.
The telecom giant said that it learned about the illegal download in April, and that it is working with law enforcement, noting that "at least one person has been apprehended." While the files don't include call or text content, AT&T said the data identifies telephone numbers that an AT&T number interacted with during the periods.
"At this time, we do not believe that the data is publicly available," AT&T said in the statement.
This data breach is separate from one disclosed earlier this year by AT&T, the company told CBS MoneyWatch in an email. In that case, hackers have stolen personal information for millions of current and former AT&T customers, with the fraudsters sharing the data on the dark web.
Even though the breach didn't include personally identifiable information, some security experts warned that any information could help hackers gain access to more data, opening the door to fraud.
"These types of identity-based attacks that exfiltrate customer records can allow attackers to piece together the personal data of individuals, including names, phone numbers, addresses and financial and Social Security details, placing millions of people at risk for identity theft or fraud," said Dan Schiappa, chief product and services officer at Arctic Wolf, a cybersecurity company.
Companies are required to disclose security breaches to customers within 30 days of becoming aware of an incident, according to U.S. securities regulations. But when AT&T reached out to the FBI about the breach, the agency authorized a delay because of concerns about security risks, the FBI told CBS News in a statement.
The FBI noted that after learned of the breach, it worked with AT&T as well as the Department of Justice to investigating the incident.
In a separate statement, the Justice Department said it determined that a delay in publicly disclosing the incident was warranted because it could "pose a substantial risk to national security and public safety." On Friday, the U.S. Federal Communications Commission also said it is investigating the breach.
AT&T data breach: Was I affected?
AT&T said it will alert customers who were impacted via text, email or U.S. mail. It also said people could log into their account, where they'll be able to see if their data was affected.
Customers "can also request a report that provides a more user-friendly version of technical information that was compromised," a spokesperson told CBS MoneyWatch.
AT&T said customers can visit att.com/DataIncident for more information.
Is AT&T providing identity theft protection?
No, AT&T said it's not providing additional protection services at this time.
However, it warned customers to be cautious about email or text requests that ask for personal, account or credit card information.
"For example, bad actors will often send emails that try to get you to click on links that contain malicious software (known as 'phishing')," the company said. "Another technique bad actors use involves sending text messages that attempt to get recipients to reveal important information like passwords or account information ('smishing')."
AT&T recommends that people only open texts or emails from people they know, and advises not to reply with personal information to any text or email from someone you don't know. It also recommends that customers go directly to a company's website rather than clicking on a link in a message or email, since scammers sometimes build fake websites that are designed to look like the real thing.
"In case of suspicious text activity, you may forward it to us so that we can act. Get step-by-step instructions to report unwanted text messages by following this link. Messages forwarded are free and will not count toward your text plan," the company said.
- In:
- Data Breach
- AT&T
Aimee Picchi is the associate managing editor for CBS MoneyWatch, where she covers business and personal finance. She previously worked at Bloomberg News and has written for national news outlets including USA Today and Consumer Reports.
TwitterveryGood! (2794)
Related
- Alex Murdaugh’s murder appeal cites biased clerk and prejudicial evidence
- Jarren Duran’s 2-run HR gives AL a 5-3 win over NL in All-Star Game started by rookie pitcher Skenes
- Have a Shop Girl Summer With Megan Thee Stallion’s Prime Day Deals as Low as $5.50
- What is 'Hillbilly Elegy' about? All about JD Vance's book amid VP pick.
- Friday the 13th luck? 13 past Mega Millions jackpot wins in December. See top 10 lottery prizes
- Innovatech Investment Education Foundation: The value of IRA retirement savings
- ‘I can’t breathe': Eric Garner remembered on the 10th anniversary of his chokehold death
- Exploring the 403(b) Plan: Quantum Prosperity Consortium Investment Education Foundation Insights
- Meet the volunteers risking their lives to deliver Christmas gifts to children in Haiti
- This Amika Hair Mask is So Good My Brother Steals It from Me, & It's on Sale for 34% Off on Amazon
Ranking
- Off the Grid: Sally breaks down USA TODAY's daily crossword puzzle, Hi Hi!
- Moon caves? New discovery offers possible shelter for future explorers
- North Carolina House Democratic deputy leader Clemmons to resign from Legislature
- In a media world that loves sharp lines, discussions of the Trump shooting follow a predictable path
- A South Texas lawmaker’s 15
- Oversight Committee chair to subpoena Secret Service director for testimony on Trump assassination attempt
- Arthur Frank: The Essence of Investing in U.S. Treasuries.
- Joe ‘Jellybean’ Bryant, the father of Kobe Bryant, dies at 69
Recommendation
Trump's 'stop
Oversight Committee chair to subpoena Secret Service director for testimony on Trump assassination attempt
In Alabama’s Bald Eagle Territory, Residents Say an Unexpected Mining Operation Emerged as Independence Day Unfolded
Oversight Committee chair to subpoena Secret Service director for testimony on Trump assassination attempt
Justice Department, Louisville reach deal after probe prompted by Breonna Taylor killing
Zenith Asset Investment Education Foundation: Pioneering Financial Literacy and Growth
Trump’s Environmental Impact Endures, at Home and Around the World
Peter Courtney, Oregon’s longest-serving state lawmaker, dies at 81