AT&T Data Breach: 110 Million Wireless Subscribers Affected, Hacking Group UNC5537 Responsible

United States of America
AT&T data breach affected approximately 110 million wireless subscribers from May 1, 2022 to October 31, 2022.
Customers can check their accounts for more information or request a report from AT&T.
Data was illegally downloaded from AT&T's workspace on third-party cloud platform Snowflake. Similar breaches at Ticketmaster and QuoteWizard were also linked to Snowflake.
Stolen data includes call and text records, durations, and cell site IDs for AT&T customers and those using other wireless networks on its infrastructure.
The breach was attributed to UNC5537, a hacking group believed to be motivated by financial gain.
AT&T Data Breach: 110 Million Wireless Subscribers Affected, Hacking Group UNC5537 Responsible

In a significant data breach, telecommunications giant AT&T announced that the personal information of nearly all its cellular customers was compromised between May 1, 2022 and October 31, 2022. The stolen data includes call and text records from both AT&T customers and those using other wireless networks that operate on its infrastructure. The breach was discovered in April but was not disclosed to the public until recently due to security concerns and cooperation with law enforcement agencies such as the Department of Justice and FBI.

The compromised data includes phone numbers, call/text counts, durations, and cell site IDs for approximately 110 million wireless subscribers. International calls to Canada were also affected except for landline customers who interacted with those cell numbers. The breach was attributed to UNC5537, a hacking group believed to be motivated by financial gain.

The data was illegally downloaded from AT&T's workspace on a third-party cloud platform, Snowflake. Similar breaches at Ticketmaster and QuoteWizard were also linked to Snowflake. The company is now working with law enforcement to identify the perpetrators and take appropriate action.

Customers who believe their data may have been affected can check their accounts for more information or request a report from AT&T. It's important for customers to remain vigilant against potential identity theft and fraudulent activity related to this breach.

This incident highlights the importance of robust cybersecurity measures and the need for companies to prioritize data protection. It also underscores the risks associated with third-party cloud platforms and the need for increased oversight and security protocols.



Confidence

95%

No Doubts Found At Time Of Publication

Sources

85%

  • Unique Points
    • Hackers stole phone records of over 100 million AT&T customers from 2022, including phone numbers, call/text counts, durations, and cell site IDs.
    • The breach was attributed to UNC5537, likely motivated by financial gain.
    • The data breach affected customers of other networks using AT&T’s infrastructure, including call records for users of Cricket Wireless, Boost Mobile, and Consumer Cellular.
    • Mandiant suggested that the attack was likely financially motivated.
    • The breach stemmed from a hacked account on Snowflake, a third-party cloud platform. Similar breaches at Ticketmaster and QuoteWizard were also linked to Snowflake.
  • Accuracy
    • The breach was attributed to UNC5537.
    • The data breach affected customers of other networks using AT&T's infrastructure, including call records for users of Cricket Wireless, Boost Mobile, and Consumer Cellular.
    • AT&T knew about the breach in April but held off on announcing it twice.
  • Deception (50%)
    The article reports on a data breach at AT&T that compromised the phone records of nearly all its customers. While it discloses some details about the breach and quotes sources, it does not link to peer-reviewed studies or provide evidence for some claims. It also implies that no personal information like names, Social Security numbers, or dates of birth was accessed but fails to mention that phone numbers can still be matched with names using online tools. This could mislead readers into thinking their personal information was not at risk.
    • What you need to know
    • Hackers stole phone records of over 100 million AT&T customers from 2022, including phone numbers, call/text counts, durations, and cell site IDs.
  • Fallacies (85%)
    The article contains a few informal fallacies and an example of inflammatory rhetoric. It also uses a dichotomous depiction.
    • . . . hackers stole phone records of over 100 million AT&T customers from 2022, including phone numbers, call/text counts, durations, and cell site IDs.
    • An AT&T spokesperson confirmed to TechCrunch that the breach stemmed from a hacked account on Snowflake, a third-party cloud platform. Similar breaches at Ticketmaster and QuoteWizard were also linked to Snowflake.
    • This recent breach is another hit to AT&T’s cybersecurity efforts, coming soon after a separate leak earlier this year that affected over 70 million customers.
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

98%

  • Unique Points
    • AT&T learned about the hack in April but delayed informing customers due to security concerns and cooperation with agencies like the Department of Justice and FBI.
    • The breached data includes call and text records but does not involve the content or personal information such as Social Security numbers or birth dates.
  • Accuracy
    • AT&T announced a massive data breach affecting nearly all of its cellular customers between May 1, 2022 to Oct. 31, 2022 and for a very small number of customers on Jan. 2, 2023.
    • This recent breach is another hit to AT&T’s cybersecurity efforts, coming soon after a separate leak earlier this year that affected over 70 million customers.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

99%

  • Unique Points
    • The data was illegally downloaded from AT&T's workspace on a third-party cloud platform.
    • Approximately 110 million current and former customers will be notified of the breach.
  • Accuracy
    • The compromised data includes records of calls and text messages, along with phone numbers that AT&T or MVNO cellular numbers interacted with during the specified period.
    • This is the second significant security breach for AT&T in 2024, following an earlier incident in March that affected approximately 7.6 million customers and included encrypted passcodes.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

97%

  • Unique Points
    • The federal government is investigating the AT&T security breach (unique to the given article)
  • Accuracy
    • The federal government is investigating the AT&T security breach
    • Hackers stole phone records of over 100 million AT&T customers from 2022
    • Approximately 110 million current and former customers will be notified of the breach.
    • The compromised data includes records of calls and text messages, along with phone numbers that AT&T or MVNO cellular numbers interacted with during the specified period.
  • Deception (100%)
    None Found At Time Of Publication
  • Fallacies (100%)
    None Found At Time Of Publication
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication

78%

  • Unique Points
    • Tens of millions of AT&T cellphone customers and many non-AT&T customers’ call and text message records were exposed in a data breach from May 1, 2022 to October 31, 2022.
    • The stolen logs contain records of every number AT&T customers called or texted, including numbers from other wireless networks.
    • Approximately 110 million wireless subscribers were affected, with international calls to Canada included except for landline customers who interacted with those cell numbers.
  • Accuracy
    No Contradictions at Time Of Publication
  • Deception (10%)
    The authors use the phrase 'nearly all' to exaggerate the extent of the breach. While it is true that a large number of customers were affected, it is not accurate to say that 'nearly all' were impacted.
    • The call and text message records from mid-to-late 2022 of tens of millions of AT&T cellphone customers and many non-AT&T customers were exposed in a massive data breach, the telecom company revealed Friday. AT&T said the compromised data includes the telephone numbers of ‘nearly all’ of its cellular customers and the customers of wireless providers that use its network between May 1, 2022 and October 31, 2022.
  • Fallacies (85%)
    The article contains a few instances of inflammatory rhetoric and appeals to authority. The author uses phrases like
    • the telecom company revealed Friday.
    • AT&T said the exposed data did not include the contents of calls and text messages nor the time of those communications.
    • The FBI declined to comment when asked about that statement.
  • Bias (100%)
    None Found At Time Of Publication
  • Site Conflicts Of Interest (100%)
    None Found At Time Of Publication
  • Author Conflicts Of Interest (100%)
    None Found At Time Of Publication