AT&T 2022 security breach hits nearly all cellular customers and landline accounts

So far it has found that the compromised data includes files containing AT&T records of calls and texts between May 1, 2022 and Oct. 31, 2022.

The company said Friday that it has launched an investigation and engaged cybersecurity experts to understand the nature and scope of the criminal activity.

The company said that the compromised data also includes records from Jan. 2, 2023, for a very small number of customers. The records identify the telephone numbers an AT&T or MVNO cellular number interacted with during these periods. For a subset of records, one or more cell site identification number(s) associated with the interactions are also included.

AT&T said that the data doesn’t contain the content of calls or texts, personal information such as Social Security numbers, birth dates, or other personally identifiable information. It also doesn’t include some information typically seen in usage details, such as the time stamp of calls or texts. The data doesn’t include customer names, but the company said that there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.

AT&T said it is working with law enforcement on the incident and that it understands that at least one person has been apprehended so far.

The company’s stock fell more than 2% before the market open.