AT&T says data from around 109 million US customer accounts illegally downloaded
![AT&T says data from around 109 million US customer accounts illegally downloaded AT&T says data from around 109 million US customer accounts illegally downloaded](https://dam.mediacorp.sg/image/upload/s--JgqvkLV6--/c_fill,g_auto,h_468,w_830/fl_relative,g_south_east,l_mediacorp:cna:watermark:2024-04:reuters_1,w_0.1/f_auto,q_auto/v1/one-cms/core/2024-07-12t203127z_3_lynxmpek6b0d1_rtroptp_3_us-telecom-outage.jpg?itok=kXwLUe2J)
FILE PHOTO: The AT&T logo is seen in a store window, as airports around the country are awaiting for Verizon and AT&T to rollout their 5G technology, in the Manhattan borough of New York City, New York, U.S., January 19, 2022. REUTERS/Brendan McDermid/File Photo
WASHINGTON: AT&T said on Friday (Jul 12) the company suffered a massive hacking incident as data from about 109 million customer accounts containing records of calls and texts from 2022 was illegally downloaded in April.
The US telecom company said the FBI is investigating and at least one person has been arrested after AT&T call logs were copied from its workspace on a third-party cloud platform in a significant breach of consumer communication records.
AT&T said the compromised data includes files containing AT&T records of calls and texts of nearly all of AT&T's cellular and AT&T's landline customers interacting with those cellular numbers between May 2022 and October 2022 but does not contain the content of calls or texts or personal information such as social security numbers.
AT&T shares were down 2 per cent in premarket trading.
The FBI said it worked with AT&T and the Justice Department "collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T's incident response work."
The Federal Communications Commission said it is also has an ongoing investigation.
The compromised data also includes records from Jan 2, 2023, for a very small number of customers.
AT&T said it first learned on Apr 19 that a hacker had claimed to have unlawfully accessed and copied AT&T call logs. The company said its investigation found hackers had between Apr 14 and Apr 25 unlawfully exfiltrated files containing AT&T records of customer call and text interactions. The records also include AT&T customers of mobile virtual network operators using AT&T's wireless network.
These records identify telephone numbers with which a wireless number interacted during these periods and aggregate call duration. A subset of records includes one or more cell site identification number.
AT&T said it has closed off the point of unlawful access and will notify customers of the incident.
In March, AT&T said it was investigating a data set released on the "dark web" and said its preliminary analysis showed it impacted approximately 7.6 million current account holders and 65.4 million former account holders. The company said the data set appeared to be from 2019 or earlier.
AT&T is working with law enforcement and said it had delayed public notification based on a determination by the Justice Department. AT&T added it does not believe that the data is publicly available.