Executive Summary: July 2024 AT&T Data Breach Incident
I pulled some information on the recently announced AT&T Data Breach, 12 July 2024, for leadership at my company. Feel free to take and use for your own reports or security awareness programs.
Summary
On July 12, 2024, AT&T disclosed a significant data breach involving the illegal download of customer data from a third-party cloud platform. Attackers accessed a third-party cloud platform between April 14 and April 25, 2024. The breach affected phone call and text message records of nearly all AT&T cellular customers from May 1 to October 31, 2022, and January 2, 2023. The data included phone numbers and call durations, such as who contacted who by phone or text.
Per AT&T, no content of the calls or texts, nor personally identifiable information, was compromised. Attackers exploited a vulnerability in a third-party cloud service. AT&T has secured the access point, notified affected customers, and is cooperating with law enforcement. They are enhancing security measures to prevent future incidents.
Timeline of Events
April 14 and April 25, 2024: Initial breach period where customer data From May 1, 2022, October 31, 2022, and January 2, 2023, was illegally accessed.
July 12, 2024: AT&T publicly disclosed the breach and began notifying affected customers.
Ongoing: AT&T is cooperating with law enforcement and implementing enhanced security measures to prevent future incidents.
AT&T has set up a webpage to address questions and provide steps for checking if customer information is compromised.
This summary was written with help from the links below: