We learned that AT&T customer data was illegally downloaded from our workspace on a third-party cloud platform. We started an investigation and engaged leading cybersecurity experts to help us determine the nature and scope of the issue. We have confirmed the access point has been secured.

Our investigation found that the downloaded data included phone call and text message records of nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023. These records identify other phone numbers that an AT&T wireless number interacted with during this time, including AT&T landline (home phone) customers. For a subset of the records, one or more cell site ID numbers associated with the interactions are also included.

At this time, we do not believe the data is publicly available. We continue to work with law enforcement in their efforts to arrest those involved. Based on information available to us, we understand that at least one person has been apprehended.

Data that was involved

The call and text records identify the phone numbers with which an AT&T number interacted during this period, including AT&T landline (home phone) customers. It also included counts of those calls or texts and total call durations for specific days or months.

We’ll notify current and former customers if their information was involved.

The Snowflake Data Cloud has given us the power to harness and integrate data to create insights. With data at our fingertips, we are growing revenue, becoming more cost effective and, most importantly, improving the customer experience.”

Andy Markus

Chief Data Officer, AT&T

Incident linked to recent Snowflake breaches

AT&T’s spokesperson Andrea Hugely reportedly told Tech Crunch that the most recent compromise of customer records were stolen from Snowflake during the recent flurry of incidents the cloud data company experienced. The telecom giant confirmed to SC Media that the data breach occurred outside of its network via cloud IT service provider Snowflake.