With our free press under threat and federal funding for public media gone, your support matters more than ever. Help keep the LAist newsroom strong, become a monthly member or increase your support today.
AT&T says hackers stole 2022 call and text data from 'nearly all' cell customers

AT&T says hackers stole 2022 data of “nearly all” of its cellular customers from the company's workspace on a third-party cloud platform.
The Dallas-based telecommunications company announced the massive data breach in a regulatory filing and press release on Friday morning, which said it believes the data is no longer publicly available.
“AT&T has taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access,” it added.
The company wrote that it first learned of the incident in April, but the U.S. Justice Department determined in May and again in June that “a delay in providing public disclosure was warranted” until now.
AT&T’s investigation found that an unspecified number of “threat actors” exfiltrated files in April containing the records of phone calls and text messages of “nearly all AT&T cellular customers” between May and October 2022, as well as a smaller number of customers on Jan. 2, 2023.
An AT&T spokesperson described the information taken as “aggregated metadata,” holding information about the calls and texts but not their contents.
The records identify other telephone numbers with which affected customers interacted, including AT&T landline numbers, as well as counts of those calls and texts and the total call durations for specific days or months.
“For a subset of the records, one or more cell site ID numbers associated with the interactions are also included,” it adds.
AT&T says the data does not include the substance or time stamps of those calls and texts, nor birthdays, social security numbers or other “personally identifiable information.” Though there is a catch.
“While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” it cautions.
AT&T says it is working with law enforcement to arrest the perpetrators, and “understands that at least one person has been apprehended” so far.
The company says it will notify impacted users by text, email or U.S. mail, and has also set up a webpage where current and former customers can check to see if their information was involved.
Those affected can follow an online process to obtain the phone numbers of their calls and texts in the downloaded data. AT&T says the option to request that information will be in place through the end of this year.
And for those concerned about potential phishing and online fraud, it offers some evergreen advice, including not replying to a text from an unknown sender with personal details and making sure websites are secure by looking for the “s” after “http” in the address.
It adds that customers who suspect suspicious text activity should forward the message to AT&T, and report any suspected fraud on their AT&T wireless account to its team.
This is not the first data breach that AT&T has reported this year.
It said in March that it had reset the passcodes of about 7.6 million users after it discovered a dataset on the “dark web” containing Social Security numbers and other personal information of some 70 million current and former account holders.
Separately, AT&T gave $5 to certain customers affected by a nearly 12-hour nationwide outage back in February.
Verizon, Ticketmaster, Dell and Bank of America are among the other companies that have reported major data breaches this year, affecting millions of people altogether.
-
Copyright 2024 NPR. To see more, visit npr.org.
At LAist, we believe in journalism without censorship and the right of a free press to speak truth to those in power. Our hard-hitting watchdog reporting on local government, climate, and the ongoing housing and homelessness crisis is trustworthy, independent and freely accessible to everyone thanks to the support of readers like you.
But the game has changed: Congress voted to eliminate funding for public media across the country. Here at LAist that means a loss of $1.7 million in our budget every year. We want to assure you that despite growing threats to free press and free speech, LAist will remain a voice you know and trust. Speaking frankly, the amount of reader support we receive will help determine how strong of a newsroom we are going forward to cover the important news in our community.
We’re asking you to stand up for independent reporting that will not be silenced. With more individuals like you supporting this public service, we can continue to provide essential coverage for Southern Californians that you can’t find anywhere else. Become a monthly member today to help sustain this mission.
Thank you for your generous support and belief in the value of independent news.

-
What do stairs have to do with California’s housing crisis? More than you might think, says this Culver City councilmember.
-
Yes, it's controversial, but let me explain.
-
Doctors say administrator directives allow immigration agents to interfere in medical decisions and compromise medical care.
-
The Palisades Fire erupted on Jan. 7 and went on to kill 12 people and destroy more than 6,800 homes and buildings.
-
People moving to Los Angeles are regularly baffled by the region’s refrigerator-less apartments. They’ll soon be a thing of the past.
-
Experts say students shouldn't readily forgo federal aid. But a California-only program may be a good alternative in some cases.