Current:Home > InvestAT&T says hackers accessed records of calls and texts for nearly all its cellular customers -WealthSphere Pro
AT&T says hackers accessed records of calls and texts for nearly all its cellular customers
View
Date:2025-04-24 13:02:12
AT&T on Friday disclosed that hackers had accessed records of calls and texts of "nearly all" its cellular customers for a six-month period between May 1, 2022 to Oct. 31, 2022.
In its statement, AT&T said the compromised data doesn't include the content of the calls or texts, or personal information such as Social Security numbers, birth dates or other personally identifiable information.
The hack also includes records from Jan. 2, 2023 for a "very small number of customers," AT&T said.
The telecom giant said that it learned about the illegal download in April, and that it is working with law enforcement, noting that "at least one person has been apprehended." While the files don't include call or text content, AT&T said the data identifies telephone numbers that an AT&T number interacted with during the periods.
"At this time, we do not believe that the data is publicly available," AT&T said in the statement.
This data breach is separate from one disclosed earlier this year by AT&T, the company told CBS MoneyWatch in an email. In that case, hackers have stolen personal information for millions of current and former AT&T customers, with the fraudsters sharing the data on the dark web.
Even though the breach didn't include personally identifiable information, some security experts warned that any information could help hackers gain access to more data, opening the door to fraud.
"These types of identity-based attacks that exfiltrate customer records can allow attackers to piece together the personal data of individuals, including names, phone numbers, addresses and financial and Social Security details, placing millions of people at risk for identity theft or fraud," said Dan Schiappa, chief product and services officer at Arctic Wolf, a cybersecurity company.
Companies are required to disclose security breaches to customers within 30 days of becoming aware of an incident, according to U.S. securities regulations. But when AT&T reached out to the FBI about the breach, the agency authorized a delay because of concerns about security risks, the FBI told CBS News in a statement.
The FBI noted that after learned of the breach, it worked with AT&T as well as the Department of Justice to investigating the incident.
In a separate statement, the Justice Department said it determined that a delay in publicly disclosing the incident was warranted because it could "pose a substantial risk to national security and public safety." On Friday, the U.S. Federal Communications Commission also said it is investigating the breach.
AT&T data breach: Was I affected?
AT&T said it will alert customers who were impacted via text, email or U.S. mail. It also said people could log into their account, where they'll be able to see if their data was affected.
Customers "can also request a report that provides a more user-friendly version of technical information that was compromised," a spokesperson told CBS MoneyWatch.
AT&T said customers can visit att.com/DataIncident for more information.
Is AT&T providing identity theft protection?
No, AT&T said it's not providing additional protection services at this time.
However, it warned customers to be cautious about email or text requests that ask for personal, account or credit card information.
"For example, bad actors will often send emails that try to get you to click on links that contain malicious software (known as 'phishing')," the company said. "Another technique bad actors use involves sending text messages that attempt to get recipients to reveal important information like passwords or account information ('smishing')."
AT&T recommends that people only open texts or emails from people they know, and advises not to reply with personal information to any text or email from someone you don't know. It also recommends that customers go directly to a company's website rather than clicking on a link in a message or email, since scammers sometimes build fake websites that are designed to look like the real thing.
"In case of suspicious text activity, you may forward it to us so that we can act. Get step-by-step instructions to report unwanted text messages by following this link. Messages forwarded are free and will not count toward your text plan," the company said.
- In:
- Data Breach
- AT&T
Aimee Picchi is the associate managing editor for CBS MoneyWatch, where she covers business and personal finance. She previously worked at Bloomberg News and has written for national news outlets including USA Today and Consumer Reports.
TwitterveryGood! (329)
Related
- Backstage at New York's Jingle Ball with Jimmy Fallon, 'Queer Eye' and Meghan Trainor
- Family, friends mourn the death of pro surfer Mikala Jones: Legend
- Christopher Meloni, Oscar Isaac, Jeff Goldblum and More Internet Zaddies Who Are Also IRL Daddies
- Amazon ends its charity donation program AmazonSmile after other cost-cutting efforts
- The Daily Money: Spending more on holiday travel?
- At buzzy health care business conference, investors fear the bubble will burst
- Activists Eye a Superfund Reboot Under Biden With a Focus on Environmental Justice and Climate Change
- Big Rigged (Classic)
- DeepSeek: Did a little known Chinese startup cause a 'Sputnik moment' for AI?
- Forests of the Living Dead
Ranking
- Off the Grid: Sally breaks down USA TODAY's daily crossword puzzle, Hi Hi!
- Ticketmaster halts sales of tickets to Taylor Swift Eras Tour in France
- U.S. hits its debt limit and now risks defaulting on its bills
- Senate 2020: In Colorado, Where Climate Matters, Hickenlooper is Favored to Unseat Gardner
- A White House order claims to end 'censorship.' What does that mean?
- In Georgia Senate Race, Warnock Brings a History of Black Faith Leaders’ Environmental Activism
- Amazon ends its charity donation program AmazonSmile after other cost-cutting efforts
- Warming Trends: Stories of a Warming Sea, Spotless Dragonflies and Bad News for Shark Week
Recommendation
Angelina Jolie nearly fainted making Maria Callas movie: 'My body wasn’t strong enough'
Inside Clean Energy: Coronavirus May Mean Halt to Global Solar Gains—For Now
In Georgia Senate Race, Warnock Brings a History of Black Faith Leaders’ Environmental Activism
Thinx settled a lawsuit over chemicals in its period underwear. Here's what to know
FACT FOCUS: Inspector general’s Jan. 6 report misrepresented as proof of FBI setup
How Capturing Floodwaters Can Reduce Flooding and Combat Drought
U.S. hits its debt limit and now risks defaulting on its bills
Here's what's at stake in Elon Musk's Tesla tweet trial