American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network.
"Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated files containing AT&T records of customer call and text interactions that occurred between approximately May 1 and October 31, 2022, as well as on January 2, 2023," it said.
This comprises telephone numbers with which an AT&T or MVNO wireless number interacted – including telephone numbers of AT&T landline customers and customers of other carriers, counts of those interactions, and aggregate call duration for a day or month.
A subset of these records also contained one or more cell site identification numbers, potentially allowing the threat actors to triangulate the approximate location of a customer when a call was made or a text message was sent. AT&T said it will alert current and former customers if their information was involved.
"Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated files containing AT&T records of customer call and text interactions that occurred between approximately May 1 and October 31, 2022, as well as on January 2, 2023," it said.
This comprises telephone numbers with which an AT&T or MVNO wireless number interacted – including telephone numbers of AT&T landline customers and customers of other carriers, counts of those interactions, and aggregate call duration for a day or month.
A subset of these records also contained one or more cell site identification numbers, potentially allowing the threat actors to triangulate the approximate location of a customer when a call was made or a text message was sent. AT&T said it will alert current and former customers if their information was involved.
