Call and text message logging Nearly all of AT&T’s cell phone customers was Exposed in a data breachThe company made the announcement on Friday.
The company: Securities and Exchange Commission The company learned in April that customer data had been illegally downloaded from AT&T Workspaces on a third-party cloud platform.
The company said it is working with law enforcement to apprehend those involved in the incident, and that at least one person has been arrested.
“The AT&T breach is currently under investigation and we are working with our law enforcement partners.” Federal Communications Commission on social media Friday morning.
Here’s what else you need to know about massive data breaches, what to do if you’ve been a victim, and what to do if you’re concerned that sensitive information may have been leaked.
AT&T Data Breach:Do users need to do anything?
Who was affected by the AT&T breach?
AT&T said in a filing with the SEC that the threat actors stole files containing records of customers’ call and text interactions that took place between May 1 and October 31, 2022. The company said the compromised data also included records from January 2, 2023 for “a very small number of customers.”
In addition to mobile phone customers, customers of mobile virtual network operators (MVNOs) that use AT&T’s wireless network were also affected, as were AT&T landline customers who communicated with those mobile phone numbers.
AT&T said it would contact affected customers via text, email or U.S. mail. Customers can also check their accounts online to see if they’ve been affected.
What type of data was published?
“The data does not include the content of calls or texts, personal information such as Social Security numbers or dates of birth or other personally identifiable information,” AT&T said in a news release Friday.
“It also does not include information that typically appears in your usage details, such as timestamps for calls and text messages,” the company added.
AT&T also said that while the breached data did not include customer names, there is a way to find names associated with specific phone numbers using publicly available online tools.
“At this time, we believe that the data is not publicly available,” the company said in a news release.
AT&T Data Breach:AT&T says nearly all of its mobile phone customers’ call and text records were exposed in a massive breach
What’s an AT&T customer to do?
As a general rule, AT&T says you should be wary of any phone calls or text messages asking for personal, account, or credit card details. If in doubt, here are some things to look out for:
- Suspicious Text Activity: Please do not reply. Forward text to AT&T That way you can get support. Forwarded messages are free and don’t count against your text plan.
- You’re being targeted by scams using AT&T mobile numbers: Report AT&T Fraud TeamIf you suspect fraudulent activity on another account, call the customer service number listed on your invoice for assistance.
AT&T also said customers should only open text messages from people they know and trust, and should not reply to text messages from unknown senders that contain personal information.
What to do if your Social Security number is compromised
AT&T says no Social Security numbers were exposed in the data breach, but customers who are concerned their numbers may have been exposed can follow AT&T’s guidance below. Federal Trade Commission:
- If your company offers free credit monitoring, take advantage of it.
- Get your free credit report and check for any accounts or charges you don’t recognize.
- Set up a free credit freeze or fraud alert. A credit freeze makes it harder for someone to open an account in your name. But if you’re applying for something that requires a credit check, you’ll need to take a few extra steps to temporarily lift the freeze. A fraud alert requires companies to verify your identity before issuing new credit in your name.
- Continue to monitor your credit report Annual Credit Reportyou can check it out for free every week.
What to do if your credit card number or bank account information is leaked
AT&T has said that “personally identifiable information” was not involved in the data breach, but if you suspect your banking information may have been compromised, the FTC suggests:
- Contact your bank to close your account or cancel your credit or debit card and get a new one.
- Regularly review your transactions for fraudulent charges.
- Update your automatic payments with your new account information.
Contributor: Chad Murphy, USA TODAY Network
Gabe Haouari is a national trend news reporter for USA Today. You can follow him on X. Gabe Haouari Or email me at [email protected].