AT&T claims that hackers obtained call and text logs for almost all of its mobile users

Nearly every AT&T cellular network customer’s call and text message records dating back six months were stolen by hackers, the firm revealed on Friday. This breach has the potential to expose private information about millions of Americans.

The company claimed in an SEC filing that an internal investigation discovered in April that hackers “unlawfully accessed and copied AT&T call logs” that were stored on a third-party cloud platform.

Records of calls and messages made between roughly May 1 and October 31, 2022, as well as on January 2, 2023, are included in the data.

The records included phone numbers, but the content of the calls and messages was not accessed, and customers’ private information was not stolen. This type of data about communications, sometimes referred to as metadata, is regarded as extremely sensitive, particularly when it is gathered and analyzed at scale to identify patterns and relationships among individuals.

As per the company’s 2023 annual report, 127 million devices are linked to AT&T’s cellular network.

“Even though customer names are not included in the data, there are frequently methods to locate the name linked to a particular phone number utilizing freely accessible internet resources,” the business stated in its SEC filing.

Both the FBI and the Justice Department have stated that they are collaborating with AT&T to look into the attack. The FCC added that it had opened an inquiry into the security lapse.

Senior researcher John Scott-Railton of the University of Toronto’s Citizen Lab, which specializes in communications technology and security, referred to the hack as a “megabreach,” stressing that metadata stolen at this scale has the potential to be a significant threat to national security in addition to being an issue for both individuals and businesses.

He made reference to the Edward Snowden leaks that revealed the National Security Agency’s mass metadata collection when he said, “When combined with the volume of data that seems to be part of the AT&T breach, these incredibly private pieces of information present a vast NSA-like window into the activities of Americans.”

Thomas Rid, director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University and a professor of strategic studies, noted that metadata can reveal personal information about individuals, but he cautioned that more information about what the hackers stole from AT&T must be obtained before a complete picture of the threat can be drawn.

“If you possess an individual’s information, you can ascertain their daily schedule, place of employment, and place of sleep,” he stated.

AT&T stated, “In reaction to this occurrence, further cybersecurity precautions have been implemented, such as blocking the point of unauthorized entry.” It stated that customers impacted by the hack would be contacted.

The business stated that, following an undisclosed amount of time, the U.S. Justice Department had ordered it to make public the specifics of the hack, which occurred between May 8 and June 5.

AT&T further stated that it is providing support to help law enforcement apprehend the hackers.

The company stated, “AT&T has information to suggest that at least one person has been taken into custody,” without going into further information.

Customers were reassured by the business that, as of Friday at the latest, “AT&T doesn’t think the information is accessible to the general public.”

Additionally, the document stated that the intrusion will not have an adverse effect on the company’s operations or financial outcomes.

The name of a person is not included in metadata by itself, even if it can be easily found online.

But because of a prior security flaw, the attack that was made public on Friday might be even more dangerous for AT&T customers. According to Jake Williams, vice president of research and development at the IT consulting firm Hunter Strategy, certain AT&T customer names were previously made public in a hack that was disclosed in March. Social Security numbers were also disclosed in that incident.

“Threat actors will be able to link a significant portion of the phone numbers in these customer records to the real victims affected by the incident thanks to previously compromised and made public AT&T data,” Williams wrote in an email to NBC News.

The incident, according to a statement from Sen. Ron Wyden (D-Ore.), was a sign of the loose laws that govern the operations of telecom firms.

“Major phone companies have previously disclosed data breaches before, and this one won’t be the last,” he stated. “These intrusions, which are almost always the result of inadequate cybersecurity, won’t cease until the FCC begins holding the carriers accountable for their stupidity. These companies won’t stop jeopardizing the security of their customers unless they pay billion-dollar fines.”