Massive AT&T data breach includes calls to Canada – National

A security breach that compromised the data of the vast majority of AT&T’s mobile customers involved calls to Canada, the telecom giant confirmed to Global News.

AT&T reported Friday that the data of nearly all of AT&T’s mobile customers was compromised in the breach. This includes more than 100 million individual customers in the US and 2.5 million business accounts.

An AT&T spokesperson confirmed Friday that the affected dataset included calls to Canada. The breach included only aggregated metadata, not the content of calls, text messages, or social security or credit card information.

The compromised data also didn’t include all the information you’d normally see in usage details, such as the time stamp of calls or text messages, the company said. The data didn’t include customers’ names, but AT&T said there are often ways, using publicly available online tools, to find the name associated with a specific phone number.

Story continues below advertisement

The breach occurred in April earlier this year, but the company’s investigation found that the compromised data included files containing AT&T calls and text messages between May 1, 2022 and October 31, 2022.

The AT&T spokesperson says the incident occurred outside the telecom company’s network and that the telecom company’s own systems “were not compromised.”


Click to play video: 'Protecting your personal information after the Ticketmaster hack'


Protecting your personal information after the Ticketmaster hack


AT&T says it does not believe the data is publicly available at this time.

The email address you need to stay up to date on the most important news from Canada and around the world.

Customers of mobile virtual network operators who use AT&T’s wireless network, and fixed-line customers who communicate with these mobile numbers, are also affected.

The company said Friday that it has launched an investigation and has engaged cybersecurity experts to understand the nature and scope of the criminal activity. The company continues to cooperate with law enforcement on the incident and understands that at least one person has been arrested so far.

Story continues below advertisement

As for why customers aren’t hearing about a breach that occurred in April until July, AT&T added in public filings that the U.S. Department of Justice has twice confirmed that a “delay in providing public disclosure was warranted” amid ongoing investigations.

Popular Now

  • Costco members in Canada will have to pay more starting this fall

  • Telus tells Ontario call center workers to relocate or risk losing their jobs

The compromised data also includes records from January 2, 2023, for a very small number of customers. The records identify the phone numbers with which an AT&T or MVNO mobile number interacted during these periods. For a subset of records, one or more mobile site identifiers associated with the interactions are also included.

This isn’t the first data breach this year for AT&T. In March, the telecommunications giant said a dataset found on the “dark web” contained information such as Social Security numbers for about 7.6 million current AT&T account holders and 65.4 million former account holders.

AT&T said at the time that it had already reset the access codes of current users and would contact account holders whose sensitive personal information had been compromised.

Shares of Dallas-based AT&T Inc. fell more than 2 percent before the market opened on Friday.

— with files from Reuters


Click to play video: 'Suspected mastermind behind major data theft and fraud at Desjardins among those arrested'


Alleged mastermind behind major data theft and fraud at Desjardins among those arrested


© 2024 Global News, a division of Corus Entertainment Inc.



Craig Lord

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *