Eleven Million AT&T Customers Affected by Data Breach: Call and Text Records Compromised

United States of America
Approximately eleven million subscribers were affected by the breach.
AT&T suffered a data breach affecting nearly all of its customers' call and text records between May 1, 2022, and October 31, 2022.
The compromised data does not contain the contents of calls or texts nor their time or date, but it could be used to infer sensitive details about individuals' lives and potentially locate them.
The stolen data includes call and text records of customers interacting with other wireless networks.
Eleven Million AT&T Customers Affected by Data Breach: Call and Text Records Compromised

In a significant data breach, hackers gained unlawful access to call and text records of nearly all AT&T customers between May 1, 2022 and October 31, 2022. The stolen data includes records of calls and texts made between these customers and other wireless networks. Approximately eleven million wireless subscribers were affected by this breach.

The compromised data does not contain the contents of the calls or texts nor their time or date. However, cybercriminals may use this information to infer sensitive details about individuals' lives and potentially locate them based on call durations and cell site identification numbers.

AT&T launched an investigation after discovering the breach on April 19, 2024. The company has engaged leading cybersecurity experts to understand the nature and scope of the criminal activity. One person has been arrested in connection to the incident, and AT&T is continuing to work with law enforcement agencies such as the Federal Communications Commission (FCC), FBI, and US Department of Justice to apprehend others involved.

This breach marks another setback for AT&T following a data breach in March 2024 that exposed 73 million current and former accounts on the dark web. The company also experienced back-to-back service issues, including a broad network outage in February and another incident in June.

To protect your privacy, consider using encrypted chat apps like Signal or WhatsApp to communicate sensitive information. Additionally, be cautious when sharing personal details online and avoid clicking on suspicious links or downloading unverified attachments.



Confidence

80%

Doubts
  • Are there any indications that the hackers are state-sponsored?
  • Has AT&T experienced a similar breach in the past year?
  • Is the stolen data being sold on the dark web?

Sources

98%

  • Unique Points
    • Hackers stole six months worth of call and text message records of nearly every AT&T cellular network customer.
    • AT&T learned from an internal investigation that hackers unlawfully accessed and copied call logs saved on a third-party cloud platform.
  • Accuracy
    • The data contains records of calls and texts between approximately May 1 and Oct. 31, 2022, and on Jan. 2, 2023.
    • Stolen logs contain a record of every number AT&T customers called or texted, including numbers from other wireless networks.
    • The stolen data includes telephone numbers of nearly all AT&T cellular customers and customers of wireless providers that use its network.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (0%)
    None Found At Time Of Publication

95%

  • Unique Points
    • AT&T revealed a massive data breach in which call and text message records from May 1, 2022 to October 31, 2022 were exposed.
    • Stolen logs contain a record of every number AT&T customers called or texted, including numbers from other wireless networks.
    • Approximately 110 million wireless subscribers were affected by the breach.
  • Accuracy
    • Approximately May 1 and Oct. 31, 2022, and on Jan. 2, 2023 were affected.
    • Hackers stole six months worth of call and text message records.
    • The data contains records of calls and texts between approximately May 1 and Oct. 31, 2022.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (85%)
    The authors use the term 'nearly all' AT&T cellphone customers and 'many non-AT&T customers' which is a Dichotomous Depiction. They also use the phrase 'very small number' of customers from January 2, 2023, which is an imprecise statement that could be considered an Appeal to Authority if taken out of context.
    • ][The stolen logs also contain a record of every number AT&T customers called or texted -- including customers of other wireless networks -- the number of times they interacted, and the call duration.][
    • [Importantly, AT&T said the stolen data did not include the contents of calls and text messages nor the time of those communications.]
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

80%

  • Unique Points
    • AT&T announced a data breach affecting nearly all of its customers, around 110 million people
    • Stolen data includes phone numbers called and texted, call durations, and cell site identification numbers for a six-month period from May 1, 2022 to October 31, 2022
    • Data does not include content of calls or texts nor their time or date
    • Cybercriminals may use stolen data to infer sensitive information about customers’ lives and potentially locate them
    • Incident blamed on a recent breach at cloud service provider Snowflake affecting multiple companies including AT&T
    • UNC5537 identified as responsible cybercriminal group by Mandiant, the firm hired to investigate Snowflake breach
  • Accuracy
    No Contradictions at Time Of Publication
  • Deception (30%)
    The article contains editorializing and sensationalism. The author quotes Rachel Tobac and Runa Sandvik making assertions about the potential harm of the stolen metadata, implying that it could reveal sensitive information about individuals' lives. However, there is no clear evidence provided in the article that this is a certainty, only speculation.
    • Call data records provide a wealth of value for intelligence analysts.
    • This can reveal where someone lives, works, spends their free time, who they communicate with in secret including affairs, any crime based communication, or typical private/sensitive conversations that require secrecy.
  • Fallacies (75%)
    The article by Lorenzo Franceschi-Bicchierai on TechCrunch discusses the AT&T phone records data breach and its implications. The author provides a clear and informative overview of the breach, its extent, and potential risks for affected customers. However, there are a few instances of logical fallacies present in the article.
    • For some of the affected customers, the cybercriminals were also able to steal cell site identification numbers linked to phone calls and text messages, according to AT&T. This means that — potentially — someone could use this information to figure out the approximate location of a customer when they made a certain call or sent a text, and perhaps infer sensitive information about their lives.
  • Bias (95%)
    The author expresses concern for the potential harm that can come from the stolen metadata, specifically mentioning how it could be used to infer sensitive information about individuals' lives and potentially locate them. The author also quotes experts who share similar concerns and provide examples of how this data could be used maliciously.
    • Call data records provide a wealth of value for intelligence analysts.
      • This can reveal where someone lives, works, spends their free time, who they communicate with in secret including affairs, any crime based communication, or typical private/sensitive conversations that require secrecy.
      • Site Conflicts Of Interest (100%)
        None Found At Time Of Publication
      • Author Conflicts Of Interest (100%)
        None Found At Time Of Publication

      98%

      • Unique Points
        • A hacker gained unlawful access to a third-party cloud platform where AT&T data was stored and exfiltrated files containing call and text records of nearly all AT&T customers from May 1, 2022 to Oct. 31, 2022. A very small number of customers’ data was also compromised on Jan. 2, 2023.
        • One person has been arrested in connection to the incident and AT&T is continuing to work with law enforcement to arrest others involved.
      • Accuracy
        • The stolen data includes records of interactions between AT&T or MVNO wireless numbers and other telephone numbers, as well as call duration counts but does not contain what was said on the calls or in messages or any personal information such as Social Security numbers or dates of birth.
        • AT&T learned from an internal investigation that hackers unlawfully accessed and copied call logs saved on a third-party cloud platform.
        • The data contains records of calls and texts between approximately May 1 and Oct. 31, 2022, and on Jan. 2, 2023.
        • AT&T revealed a massive data breach in which call and text message records from May 1, 2022 to October 31, 2024 were exposed.
      • Deception (100%)
        None Found At Time Of Publication
      • Fallacies (100%)
        None Found At Time Of Publication
      • Bias (100%)
        None Found At Time Of Publication
      • Site Conflicts Of Interest (100%)
        None Found At Time Of Publication
      • Author Conflicts Of Interest (100%)
        None Found At Time Of Publication

      95%

      • Unique Points
        • The Federal Communications Commission is investigating a hack of AT&T customer data.
        • The hack impacted records of calls and texts for nearly all of AT&T's mobile-phone users for a six-month period in 2022.
      • Accuracy
        • The data contains records of calls and texts between approximately May 1 and Oct. 31, 2022, and on Jan. 2, 2023.
        • Stolen logs contain a record of every number AT&T customers called or texted, including numbers from other wireless networks.
      • Deception (100%)
        None Found At Time Of Publication
      • Fallacies (100%)
        None Found At Time Of Publication
      • Bias (100%)
        None Found At Time Of Publication
      • Site Conflicts Of Interest (100%)
        None Found At Time Of Publication
      • Author Conflicts Of Interest (0%)
        None Found At Time Of Publication