Were your AT&T calls and texts leaked? Everything you need to know about massive data breach
- READ MORE: 'Nearly all' AT&T customers' call and text data has been leaked
Nearly all of AT&T's 110 million wireless subscribers were subjected to a massive data breach, leaving them wondering what information may have been leaked.
The data breach, which occurred over five months in 2022, included records of calls and texts that would expose people's personal communications.
Hackers could have also accessed the geographic location by using identification numbers attached to cellular towers associated with account phone numbers.
Although the exposed data did not include customer names, there are 'publicly available online tools' capable of connecting numbers with people's identities, AT&T said.
AT&T suffered America's largest data leak that exposed 'nearly all' of its customers information on a third-party platform. The information revealed customers call and text data that could reveal their geographic location
What AT&T information was leaked?
AT&T revealed the data breach on Friday, noting the stolen data contained records from May 1 through October 31, 2022, as well as some from January 2, 2023.
The data showed which phone numbers AT&T customers called during that period, including how many calls and texts were made to a specific person and the total duration of the calls.
But the information obtained did not include time stamps of calls and text messages, nor did it reveal names, dates of birth or social security numbers.
AT&T said that one or more cell site identification numbers were attached to calls and texts, which could reveal the general location of one or more of the parties.
If the records were to leak, the information would reveal who AT&T customers called and texted, putting high profile individuals like politicians and executives at risk.
That is because the phone numbers would be linked, allowing bad actors to find the name associated with a specific telephone number.
AT&T explained that the information was downloaded from to a third-party cloud platform from AT&T's workspace on Snowflake - a cloud-based data warehouse that allows companies to manage, store and process customer data and files.
Brad Jones, chief information security officer at Snowflake, told CNN that they have not found evidence that the cyberattack was not 'caused by a vulnerability, misconfiguration or breach of Snowflake's platform.'
How do you know if you were impacted?
AT&T has already taken cybersecurity measures to close off the point of access breached by the hackers and plans to notify impacted customers in the near future.
A website will also be set up where customers can determine if their data was compromised in the attack - AT&T has not specified when it will go live.
The company said as of Friday, the breach hasn't impacted AT&T's operations and sought to assure customers that it ' does not believe that the data is publicly available.'
Cybersecurity expert Collin Walke told DailyMail.com that the silver lining in the attack appears to be that 'no actual text content has been accessed.'
However, he warned people about the consequences of hacks like this, saying it should serve as a reminder to everyone that everything you do online leaves a digital footprint.
'The consequences of hacks like this ... should heighten our awareness to the problems we face in the future. This hack didn't access content, but we don't know when the next one will,' Walke said.
AT&T reported that the cyberattack compromised information for 'nearly all' of its 110 million US landline and cellphone customers
Why did AT&T take three months to notify customers?
AT&T said it learned a 'threat actor claimed to have unlawfully accessed and copied AT&T call logs' on April 19.
The company claimed it 'immediately' hired experts to investigate the attack which determined that hackers had stolen the 2022 files between April 14 and April 25.
The FBI is investigating the cyberattack and at least one person has been arrested in connection with the hack.
Walke said the delay is 'extremely concerning,' and called on regulators to act and ensure people are informed more quickly.
'And while content had not been taken in this hack, what if it had? Consumers would not have known about this for months!' he said.
AT&T allegedly did not notify customers immediately because the US Department of Justice (DOJ) determined that 'a delay in providing public disclosure was warranted.'
The FBI told Dailymail.com that AT&T contacted the agency to report the incident shortly after it identified a potential breach.
'AT&T, FBI, and DOJ worked collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T's incident response work,' the FBI said.
'The FBI prioritizes assistance to victims of cyber-attacks, encourages organizations to establish a relationship with their local FBI field office in advance of a cyber incident, and to contact the FBI early in the event of breach.'
A DOJ spokesperson told DailyMail.com that AT&T's delay in notifying customers aided the department's ability to conclude that revealing the cyberattack 'would pose a substantial risk to national security and public safety.'
How many times has AT&T been hacked this year?
During the same time that AT&T allegedly found out about the cyberattack, it was dealing with a separate breach where customer records from 2019 or earlier were leaked on the dark web.
The dark web is a hidden part of the internet that requires a specific browser to access that allows users to hide their identity and location from others, including law enforcement.
The attack included leaked social security numbers and other personal information that forced the company to reset the passwords of 73 million accounts.
It impacted 7.6 million current AT&T customers and roughly 65.4 million former account holders.
In March, AT&T notified customers that a marketing vendor it used was hacked in January, exposing the private information of wireless account holders.
This breach exposed Customer Proprietary Network Information (CPNI) of roughly 9 million AT&T users, which included first names, wireless account numbers, wireless phone numbers and email addresses.
In the wake of the cyberattacks, AT&T is facing dozens of class-action lawsuits, claiming the company knew of the breaches but failed to act.
