Massive Data Breach Exposes AT&T Customer Records: National Security Concerns Delay Disclosure

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people – nearly all of its customers. The company attributed the delay in disclosing the incident to ‘national security and public safety concerns.’

According to the disclosure filing with the U.S. Securities and Exchange Commission, cyber intruders gained access to an AT&T workspace on a third-party cloud platform in April and extracted files containing customer call and text interactions over specific periods.

The stolen data encompassed records of calls and texts for mobile providers reselling AT&T’s services, omitting personally identifiable information such as Social Security numbers or dates of birth. However, a subset of the records contained data about cellular communications tower locations linked to the subscriber.

AT&T acknowledged learning about the breach on April 19 but refrained from reporting it promptly at the urging of federal investigators. The incident has resulted in at least one person being detained in relation to the breach, as confirmed by the FBI.

Reports suggest that the customer data breach stemmed from a larger data theft scenario involving more than 160 customers of the cloud data provider Snowflake, including major corporations like Advance Auto Parts, Allstate, Anheuser-Busch, and Ticketmaster.

Previous incidents, Atmosphere over AT&T following similar breaches earlier this year impacting millions of current and former account holders, raise questions about data security protocols within large corporations and the lack of multi-factor authentication measures.

Mark Burnett, an application security architect, shared concerns about the breach, emphasizing the potential utilization of the stolen call and text records for Social Network Analysis, pointing to the broader implications of such breaches.