AT&T has released a public statement on unauthorized access of customer data from a third-party cloud platform.
A statement from the company reads: “We learned that AT&T customer data was illegally downloaded from our workspace on a third-party cloud platform. We started an investigation and engaged leading cybersecurity experts to help us determine the nature and scope of the issue. We have confirmed the access point has been secured.
“Our investigation found that the downloaded data included phone call and text message records of nearly all of AT&T cellular customers from May 1, 2022, to October 31, 2022, as well as on January 2, 2023. These records identify other phone numbers that an AT&T wireless number interacted with during this time, including AT&T landline (home phone) customers. For a subset of the records, one or more cell site ID numbers associated with the interactions are also included.”
The company added that it did not believe the data is publicly available.
“We continue to work with law enforcement in their efforts to arrest those involved. Based on information available to us, we understand that at least one person has been apprehended,” it added.
The downloaded data doesn’t include the content of any calls or texts.