The AT&T Hack: 'Yeah, This Is Really Bad'

Yes, hacks of customer data happen with disturbing frequency, but the latest one making headlines is, as Shira Ovide puts it at the Washington Post, "nasty." Hackers swiped the data of nearly all AT&T Wireless customers in 2022, a breach that affects about 110 million people, reports the AP.

• What they got: Phone numbers of both cellular and landline users, as well as records of calls made and texts sent between May 1, 2022, and October 31, 2022, per Tech Crunch. A smaller set of customers were affected in January 2023.
• Meaning: "Yeah, this is really bad," says Jake Williams of cybersecurity consultancy Hunter Strategy tells Wired. "What the threat actors stole here are essentially call data records. These are a gold mine in intelligence analysis because they allow someone to understand networks—who is talking to whom and when. And threat actors have data from previous compromises to map phone numbers to identities. But even without identifying data for a phone number, closed networks—where numbers only communicate with others in the same network—are almost always interesting."
• What they didn't get: "The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information," said the company. As of now, AT&T doesn't think the stolen info has been made public.
• A question: Security expert Brian Krebs writes that the "data includes information you would see on a phone bill, including the source and destination of calls on your AT&T mobile device(s), and the same for SMS messages." Given that hackers got some cell tower info, which can show the general location of where a call was made from, this "raises an important question," he adds. "Was the AT&T customer data stolen from a law enforcement portal set up by AT&T? Sure seems like it."

• Potential risks: "With information like the numbers you frequently call, a crook could impersonate your boss, brother or bank to get you to hand over money," per the Post. "In the wrong hands, the stolen location data from phone records could also be used to blackmail people having affairs, for criminals to find the homes of police officers and prosecutors or for abusers to track down their former romantic partners." Wired adds that the info "could be a gold mine for attackers looking to construct compelling phishing attacks and other scams to target individuals or specific communities of people."
• What to do: The company says it will notify affected customers by email, though you should assume that if you had an AT&T account in the time frames mentioned that your account was compromised. As always, be suspicious of, say, fishy texts seeking money, per USA Today. The outlet runs down basic protocols if people suspect their Social Security numbers or other sensitive data has been breached, which does not appear to have happened in this hack.

(More AT&T Wireless stories.)