Hackers stole data from nearly every AT&T customer in a new data breach, taking six months of calls and text message records between May 1 and Oct. 31 of 2022 and on Jan. 2, 2023.
“According to what we know publicly, this wasn’t a breach of AT&T per se,” said Kern Smith, a mobile security expert. “It was more of a breach of a third party business that AT&T contracted with, where they stored or had access to all the AT&T’s customer data.”
According to Smith, affected users should take the following precautions:
- Do not trust texts that do not sound normal (i.e. the IRS is not going to ask for your social security number)
- When dealing with unknown numbers, users should validate the sender as who they say they are before engaging
- Make sure all texts and emails are valid
- Do not click on links from unknown senders
Smith adds that the attackers used a traditional phishing campaign to obtain user credentials, a common hacking method that doesn’t require much high tech knowledge.
AT&T said the hackers stole records of calls and texts. The company also affirmed that the data stolen does not include the content of calls or texts that could include personal information.
As to what hackers might do with the data, Smith says there are several ways of looking at it. However, he notes that data is most commonly weaponized to further target users, which is why AT&T customers should treat unknown senders with extra caution.
“From a corporate perspective, this is really showcasing how it’s not just about the steps that an organization takes to secure themselves,” Smith said. “It’s also ensuring that their partners or the third parties are taking steps, especially against some of these phishing type of campaigns.”
AT&T added in the statement that it does not believe any stolen data is publicly available at this time, adding that it “sincerely regret this incident occurred.”
