Exploring Information Security

View Original

Executive Summary: July 2024 AT&T Data Breach Incident 

I pulled some information on the recently announced AT&T Data Breach, 12 July 2024, for leadership at my company. Feel free to take and use for your own reports or security awareness programs.

Summary

On July 12, 2024, AT&T disclosed a significant data breach involving the illegal download of customer data from a third-party cloud platform. Attackers accessed a third-party cloud platform between April 14 and April 25, 2024. The breach affected phone call and text message records of nearly all AT&T cellular customers from May 1 to October 31, 2022, and January 2, 2023. The data included phone numbers and call durations, such as who contacted who by phone or text.  

Per AT&T, no content of the calls or texts, nor personally identifiable information, was compromised. Attackers exploited a vulnerability in a third-party cloud service. AT&T has secured the access point, notified affected customers, and is cooperating with law enforcement. They are enhancing security measures to prevent future incidents. 

Timeline of Events 

  • April 14 and April 25, 2024: Initial breach period where customer data From May 1, 2022, October 31, 2022, and January 2, 2023, was illegally accessed. 

  • July 12, 2024: AT&T publicly disclosed the breach and began notifying affected customers. 

  • Ongoing: AT&T is cooperating with law enforcement and implementing enhanced security measures to prevent future incidents. 

AT&T has set up a webpage to address questions and provide steps for checking if customer information is compromised.   

This summary was written with help from the links below: