AT&T revealed on Friday {that a} huge information hack, initially uncovered in April, could have been worse than beforehand thought.
The decision and textual content logs of “practically all” of its mobile prospects have been uncovered within the breach.
“In April, AT&T realized that buyer information was illegally downloaded from our workspace on a third-party cloud platform,” the corporate mentioned in a press release. “We launched an investigation and engaged main cybersecurity consultants to know the character and scope of the felony exercise. We’ve taken steps to shut off the unlawful entry level.”
The compromised information consists of recordsdata containing AT&T information of calls and texts of “practically all” of AT&T’s mobile prospects from Might 1, 2022 – October 31, 2022. Per CNN, on the finish of 2022, AT&T had 110 million wi-fi subscribers.
The corporate mentioned the info “doesn’t include the content material of calls or texts, private info similar to Social Safety numbers, dates of delivery, or different personally identifiable info.”
“At the moment, we don’t imagine that the info is publicly out there,” AT&T mentioned within the assertion. “We’re working with legislation enforcement in its efforts to arrest these concerned within the incident. We perceive that at the least one individual has been apprehended.”
Clients can go to att.com/DataIncident for extra info.
[Original story below from 4/1/2024]
Present and former AT&T prospects beware.
The cellular and web service supplier confirmed over the weekend the corporate suffered from a large information breach which will have leaked the private info of an estimated 7.6 million present AT&T prospects and 65.4 million former prospects, totaling 73 million customers affected.
AT&T mentioned that, roughly two weeks in the past, the info set was leaked to the “darkish internet.” It is unclear if the leak originated from AT&T or a third-party vendor.
Associated: ‘I Desire a Free Month’: 1000’s of Clients Livid at AT&T After Widespread Outages
Compromised information could embody social safety numbers, full names, telephone numbers, AT&T account info (numbers and passcodes), and e-mail and mailing addresses.
“Presently, AT&T doesn’t have proof of unauthorized entry to its techniques leading to exfiltration of the info set. The corporate is speaking proactively with these impacted and might be providing credit score monitoring at our expense the place relevant,” the corporate mentioned in a launch. “As of right now, this incident has not had a fabric affect on AT&T’s operations.”
The corporate additionally clarified that the info “seems” to be from accounts created in 2019 or earlier.
Information of the leak was initially posted on X by tech account @vx-underground on March 17, which claimed that “the stolen information is professional” and was leaked onto darkish internet platform Breached.
At present 70,000,000+ information from an unspecified division of AT&T had been leaked onto Breached. No info is out there to point whether or not it’s a third social gathering compromise, or which ‘division’ this information is from.
Regardless, upon evaluate, we are able to verify the stolen information is professional.
β vx-underground (@vxunderground) March 17, 2024
Earlier this yr, in February, AT&T suffered a mass outage that affected roughly 75% of the corporate’s complete prospects. CEO John Stankey confirmed that prospects who had been “most affected” by the service disruption will obtain a $5 credit score to their account.
Associated: Maine Hacked in Knowledge Breach, 1.3 Million Residents At Threat
“Moments like these are a take a look at of resilience,” Stankey wrote on the time in an inner memo. “This isn’t our first community outage, and it will not be our final β sadly, it is the fact of our enterprise. What issues most is how we react, adapt, and enhance to ship the service our prospects want and anticipate.”
AT&T was down over 10.5% yr over yr as of Monday morning.
