In a significant security breach, telecommunications giant AT&T announced Friday that data from nearly 109 million customer accounts was downloaded to a third-party platform.
The breach, which occurred over five months in 2022, affected cellular, mobile virtual network operators, and landline customers. AT&T assured that no sensitive personal information, such as Social Security numbers or the content of calls and texts, was compromised. However, experts warn that the exposed data could still be used to trace users and piece together private interactions.
The breach was linked to a workspace on the cloud platform Snowflake, and AT&T is working with cybersecurity experts to investigate. The FBI and the Department of Justice are also involved, citing national security concerns. The DOJ stated that an earlier disclosure of the breach would have posed a substantial risk to national security and public safety.
AT&T’s investigation is ongoing, and at least one person has been apprehended so far. The Federal Communications Commission is also investigating the incident. This breach follows several other major data breaches this year, including an earlier attack on AT&T in March.
AT&T customers can find more information here.
