I pulled some information on the recently announced AT&T Data Breach, 12 July 2024, for leadership at my company. Feel free to take and use for your own reports or security awareness programs.

Summary

On July 12, 2024, AT&T disclosed a significant data breach involving the illegal download of customer data from a third-party cloud platform. Attackers accessed a third-party cloud platform between April 14 and April 25, 2024. The breach affected phone call and text message records of nearly all AT&T cellular customers from May 1 to October 31, 2022, and January 2, 2023. The data included phone numbers and call durations, such as who contacted who by phone or text.  

Per AT&T, no content of the calls or texts, nor personally identifiable information, was compromised. Attackers exploited a vulnerability in a third-party cloud service. AT&T has secured the access point, notified affected customers, and is cooperating with law enforcement. They are enhancing security measures to prevent future incidents. 

Timeline of Events 

• April 14 and April 25, 2024: Initial breach period where customer data From May 1, 2022, October 31, 2022, and January 2, 2023, was illegally accessed. 

• July 12, 2024: AT&T publicly disclosed the breach and began notifying affected customers. 

• Ongoing: AT&T is cooperating with law enforcement and implementing enhanced security measures to prevent future incidents. 

AT&T has set up a webpage to address questions and provide steps for checking if customer information is compromised.   

This summary was written with help from the links below: 

• https://www.npr.org/2024/07/12/nx-s1-5037736/att-data-breach-call-text-records  

• https://techcrunch.com/2024/07/12/att-phone-records-stolen-data-breach/  

• https://www.sec.gov/ix?doc=/Archives/edgar/data/0000732717/000073271724000046/t-20240506.htm 

• https://www.prnewswire.com/news-releases/att-addresses-illegal-download-of-customer-data-302195733.html