Sensational finding: Millions of AT&T customer data hacked

A massive hacker attack on AT&T's networks has exposed sensitive communication and location data of millions of customers, thereby jeopardizing the national security of the USA. According to privacy and security experts, this is one of the most severe attacks on an American telecommunications provider. AT&T announced on Friday that an unknown hacker breached its network in April and stole data on calls and text messages from nearly all of the company's over 100 million wireless customers over a period of five months in 2022 and 2023. Although no call contents or written message contents were captured, the stolen metadata provided an extensive insight into the private lives of the affected individuals. John Scott-Railton, a senior researcher at the Citizen Lab of the University of Toronto, was deeply shaken by the extent of the incident. "It is an unprecedented and terrible data breach," he said. "This event allows for a deep insight into people's private lives and is a real treasure trove for spies and fraudsters." The telecommunications industry is a frequent target for hacker attacks due to the processing of sensitive personal data. Such data interests not only criminals but also foreign governments aiming to spy on politicians, journalists, and activists. Previous cases, such as the attack by Chinese hackers on telecommunications companies in Southeast Asia and Russian hackers on Ukrainian providers, highlight this threat. Western intelligence agencies have also employed similar tactics, as demonstrated by the British Government Communications Headquarters (GCHQ) infiltrating the network of the Belgian provider Belgacom in 2010. Data breaches are not uncommon in the USA. In March 2023, AT&T reported a hack compromising data from around 9 million customers. T-Mobile also experienced a breach in January 2023, when data from about 37 million customers were stolen. However, the scale of the latest incident surpasses all these previous attacks by far and affects not only AT&T customers but also those of unnamed mobile operators that use the AT&T network. "According to the report to the United States Securities and Exchange Commission, the unlawfully downloaded data was obtained from an AT&T work environment on a third-party cloud platform," said Gus Hosein, Executive Director of the London-based organization Privacy International. Despite the severe consequences, there have been no significant impacts on AT&T operations so far, and the company does not anticipate the incident to materially affect its financial condition or operating results. Privacy advocates, however, emphasize that legal and regulatory consequences for AT&T are likely. Nathan Wessler from the American Civil Liberties Union called the incident a "devastating privacy problem" and demanded a thorough investigation. The FBI and the Federal Communications Commission confirmed that they are investigating the case.