Massive Cyber Attack: AT&T Shaken by Hacker Assault

AT&T, one of the largest telecommunications providers in the United States, recently announced that a massive cyber security incident occurred in April of this year. Hackers were able to access the call and text message information of a large portion of the company's wireless customers. "Threat actors" infiltrated AT&T's systems over an eleven-day period in April, copying data records from customer calls and messages from several months of 2022, as well as from January 2, 2023. This was disclosed by the company in a regulatory filing on Friday. The compromised data also includes files from customers of mobile virtual network operators (MVNOs) that use AT&T's wireless network, as well as from landline customers who interacted with these mobile numbers. However, only “a very small number of customers” were affected on January 2, 2023. AT&T joins a growing list of major U.S. companies that have faced cyber security incidents in the past year. These include the healthcare giant UnitedHealth, consumer brand Clorox, casino operators MGM Resorts International and Caesars Entertainment, as well as the parent company of Supreme and North Face, the VF Group. According to the latest earnings report, AT&T had more than 100 million wireless subscribers at the end of March, making it the second-largest mobile provider in the U.S. after Verizon by customer numbers and revenue. The company began an investigation after the incident was discovered on April 19. The U.S. Department of Justice determined in May and June that a delay in public disclosure was “justified.” AT&T reported that it is working with law enforcement to apprehend those responsible and that "at least one individual" had been arrested. The compromised data did not include the content of calls or text messages nor personal information such as Social Security numbers, birth dates, or other personally identifiable information. However, the company cautioned that despite the absence of customer names, it is possible to use publicly available online tools to find the name associated with a specific phone number. The records identified phone numbers that an AT&T or MVNO number interacted with during the affected periods, including those of other providers, as well as the number of these interactions and the aggregated call duration per day or month. AT&T emphasized that the incident had "no significant impact" on operations and is not considered “likely to be material” to the company's financial condition or business results. AT&T shares fell 2.4% in pre-market trading on Friday. The company announced that additional measures have been taken to enhance cyber security, including the "closure of the unauthorized access point," and that affected current and former customers would be notified.