(San Francisco) US mobile operator AT&T said Friday that hackers had stolen call and message data from “virtually all” of its customers for six months in 2022, affecting around 90 million people.
“AT&T customer data was illegally downloaded from our workspace to a third-party cloud platform,” the company said in a statement, adding that it had “opened an investigation.”
“The access point has been secured,” she said.
The data primarily includes records of phone calls and text messages made between May 2022 and October 2022. These are the phone numbers that AT&T mobile subscribers interacted with, and also, in some cases, identifying numbers that could help malicious actors determine where calls were made and text messages were sent.
But according to AT&T, the data downloaded by the hackers does not include the content of calls and messages, or personal information such as names or Social Security numbers.
“At this time, we do not believe this data is publicly available,” the group, which is working with law enforcement, said. “Based on the information we have, we know that at least one person has been apprehended.”
Although Snowflake is not mentioned in the release, attention has turned to the cloud platform, which sells data analytics services to large companies and has recently suffered a wave of data breaches.
A source close to the case confirmed to AFP that the hackers had accessed the recordings via Snowflake.
The news comes after AT&T suffered a major cyberattack last March, when the personal data of more than 70 million current and former customers was leaked on the dark web.
“This is a second painful blow to the millions of customers who have already lost trust,” said Darren Guccione, CEO of Keeper Security, a cybersecurity firm.
“Although this time the information is “less sensitive than that disclosed in the previous breach,” he recommends that those affected take steps to protect their identity, such as changing their AT&T account password and implementing multi-factor authentication.
He further advises them to monitor their bank accounts, sign up for a dark web monitoring service or freeze their credit “to prevent new loans or lines of credit from being approved” in their name.
The Justice Department said it was investigating the incident.