AT&T data breach exposes call and text metadata of all customers
Share
AT&T has announced a significant data breach that impacted nearly all of its wireless customers, exposing detailed metadata of their calls and text messages over several months. According to a report filed Friday morning with the Securities and Exchange Commission, hackers accessed records of the cellular numbers that customers called or received calls from, the numbers involved in text exchanges, and the timestamps of these communications.
The breach, however, did not include the contents of calls or text messages, nor did it include personal information such as Social Security numbers, dates of birth, or other personally identifiable information. Despite this, cybersecurity experts warn of the potential implications. John Scott-Railton, a cybersecurity researcher, noted on social media that this breach provides an unknown entity with an “NSA-level view into Americans’ lives,” emphasizing that such metadata can tell comprehensive stories about individuals’ activities and associations.
AT&T, which serves over 100 million U.S. consumers, businesses, and government entities, is reeling from this intrusion. While the stolen data does not include names, it is possible to link telephone numbers with individuals using publicly available tools. The breach follows a previous incident in March where 7.6 million current and 65.4 million former AT&T customers had their personal information, including full names, email addresses, mailing addresses, phone numbers, dates of birth, and AT&T account numbers, compromised.
The intent behind this latest metadata breach remains unclear, though the information obtained can be exploited in various ways. These incidents highlight the ongoing risks and vulnerabilities in telecommunications data security.