Data breach exposes call and text records of almost all AT&T customers

July 12, 2024

By JOSH FRIEDMAN

A massive data breach has exposed the call and text message records of tens of millions of AT&T cellphone customers, as well as many non-customers, the telecom company revealed on Friday.

The data includes the telephone numbers of nearly all AT&T customers, as well as the customers of wireless providers that use its network, from between May 1, 2022 and Oct. 31, 2022. The stolen logs also include a record of every number AT&T customers called or texted — even the numbers of customers of other wireless networks — along with the number of times they interacted and the call duration.

However, the stolen data does not include the contents of calls and text messages, nor the time of those communications, AT&T said. But, the records of a “very small number” of customers from Jan. 2, 2023 were also implicated, the company said.

AT&T blames the data breach on an illegal download on a third-party cloud platform that it learned about in April, just as the company was dealing with an unrelated major data leak. The telecom claims the exposed data is not believed to be publicly available.

“We have an ongoing investigation into the AT&T breach and we’re coordinating with our law enforcement partners,” the FCC said in a statement.