• by Tanya Gazdik , July 15, 2024

Here we go again with another data breach, this time AT&T's. But this one could have some interesting privacy ramifications. 

It’s not just personal information that’s been compromised, but call and text message records.

However the data “does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information,” according to AT&T.  "It also does not include some typical information you see in your usage details, such as the time stamp of calls or texts.”

AT&T reported the breach in a securities filing on Friday, saying it became aware in April of someone claiming to have accessed customer data. The stolen data was mostly from 2022 and encompassed nearly all of its wireless customers. The company has nearly 90 million cellphone subscribers.

“While the hacked records didn’t include names, it did have phone numbers that could be linked to owners using public databases,” according to The Wall Street Journal. “Some customers have raised concerns the information could be used to expose business deals, secret meetings or romantic affairs.”

The swiped location data is what's making some customers nervous. 

"Your phone company logs the nearest cellular tower every time your device connects to its mobile network," according to The Washington Post. "That data is essentially a rough timeline and map of everywhere you go with your smartphone, including your home, work, house of worship, medical appointments and more."

The good news is, the company has made some headway in getting to the bottom of the situation. 

“The company said it is working with law enforcement to arrest those involved in the incident, and that at least one person has been apprehended,” according to USA Today.

It’s likely the person was apprehended after trying to extort money from the telecom company. 

AT&T “paid a member of the hacking team more than $300,000 to delete the data and provide a video demonstrating proof of deletion,” according to Wired.  “AT&T is one of more than 150 companies that are believed to have had data stolen from poorly secured Snowflake accounts during a hacking spree that unfolded throughout April and May.”