AT&T dropped some big and very bad news this morning: “Nearly all” customers had text and call data leaked in a massive cyberattack. We’re talking 95 million people.
“Kim, really? Another data breach?” I know, but don’t tune this one out. It has scary implications for your privacy.
What happened?
Hackers broke into a third-party cloud platform AT&T used to store customer data. More specifically, the breach included records of phone calls and texts of cellular customers, wireless network customers and landline customers between May 2022 and October 2022, and on Jan. 2, 2023.
Some stolen records also include cell site IDs. This is where things get especially scary. Those records can be used to track a phone's location, intercept or block calls, and create fake cell towers for eavesdropping.
The stolen data doesn't include the contents of those phone calls and text messages — but I’d argue all that location data might be worse.
Picture it: Someone with enough info to “watch” you leaving your home for work, to run errands, to go to a doctor’s appointment — all just based on tower pings from calls and texts sent along the way.
AT&T says hackers didn't steal dates of birth and Social Security numbers, and what they did get doesn't include timestamps. The data will reveal which customers interacted and how often but not exactly when the interactions occurred.
The breached data isn't publicly available … yet. Of course, those responsible could choose to release the data or put it up for sale at any time, which they will do unless AT&T pays them off.
What now?
This is still a developing story, but we do know AT&T has closed off the cyberattack's access point and is working with law enforcement. This all happened back in April, FYI. So far, at least one person involved has been apprehended.
If your data was included in this latest breach, you’ll hear about it by text or email or get something in the mail. Assume it’s you if you were an AT&T customer between May and October 2022 or on Jan. 2, 2023.
Your safety checklist
The official word from AT&T is that no personal information was breached … this time. If you're a customer, it's in your best interest to take these steps ASAP:
- Update all your account passwords immediately. This includes the PIN used to lock down your account (you’ll need to call AT&T to change that), your online account login and even your phone’s PIN for good measure.
- Monitor your account for unusual activity, like overage warnings when you never get those or evidence someone else is accessing your account. Contact AT&T right away if you notice anything suspicious.
- Switch to a safer way to 2FA. Getting text codes to log into your accounts is inherently risky. Your best bet is to use an authenticator app. Here’s a guide on how to set that up.
- As with any breach, monitor your credit card and bank accounts. Contact your bank right away if you notice strange charges or activity.
- Wipe your personal info from the web. Data-broker and people-search sites are known for buying leaked details like this to make more detailed packages about you. You can delete yourself from those sites one by one, but it’s hard and frustrating. I use Incogni to do the hard work for me.
Now, do the people in your life a favor and share this alert. Again, every single AT&T customer should consider themselves part of this breach, along with anyone who called an AT&T customer.