Hackers stole call and text records for "nearly all" AT&T, $T, customers, showing which phone numbers a customer called or texted

Hackers stole call and text records for "nearly all" AT&T, $T, customers, showing which phone numbers a customer called or texted

Hackers have stolen six months' worth of call and text message records of nearly every AT&T cellular network customer, the company reported on Friday, a breach that could expose sensitive information about millions of Americans.

In an SEC filing, AT&T revealed that it learned from an internal investigation that in April, hackers "unlawfully accessed and copied AT&T call logs" stored on a third-party cloud platform.

The compromised data includes records of calls and texts between approximately May 1 and October 31, 2022, and on January 2, 2023.

While the content of the calls and messages was not compromised, and customers' personal information was not accessed, the records did include phone numbers. This information, often referred to as metadata, is considered highly sensitive, especially when collected and analyzed at large scales to reveal patterns and connections between individuals.

According to AT&T's 2023 annual report, the company's wireless network has 127 million connected devices.

"While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number," the company said in its SEC filing.

The Justice Department and the FBI are collaborating with AT&T to investigate the hack. The FCC has also launched an investigation into the breach.

John Scott-Railton, a senior researcher at the University of Toronto's Citizen Lab, which focuses on communications technology and security, described the hack as a "megabreach," emphasizing that stolen metadata at this scale poses a major national security threat as well as issues for businesses and individuals.

"These are incredibly sensitive pieces of personal information, and when taken together at the scale of information included in this AT&T breach, they present a massive NSA-like window into Americans’ activity," he said, referencing the leaks by Edward Snowden that exposed the National Security Agency's bulk collection of metadata.

Thomas Rid, a professor of strategic studies and the director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University, noted that metadata can reveal intimate details about people, though he cautioned that more needs to be learned about what the hackers took from AT&T to fully understand the threat.

"If you have somebody’s metadata, you know when they go to work, where they go to work, where they sleep every night," he said.

AT&T stated that it has "taken additional cybersecurity measures in response to this incident, including closing off the point of unlawful access." Affected customers will be contacted, the company said.