How AT&T customers can protect themselves in the latest data breach

Kena Betancur/VIEWpress/Corbis/Getty Images

If you were an AT&T cellphone customer in 2022, your call data was possibly breached to bad actors.

AT&T said Friday that data was breached from “nearly all” of its cellular customers and the customers of wireless providers that used its network between May 1, 2022, and October 31, 2022.

The records of a “very small number” of customers from January 2, 2023, were also breached, AT&T said. The company blamed an “illegal download” on a third-party cloud platform that it learned about in April — just as AT&T was grappling with an unrelated major data leak.

AT&T listed approximately 110 million wireless subscribers as of the end of 2022. Here’s what that means for the millions of Americans that use AT&T’s cellular service.

What’s at risk

Hackers did not get any names, addresses or Social Security numbers. What they did get is metadata — call logs that contain a record of every number AT&T customers called or texted (including customers of other wireless networks), the number of times they interacted and the call duration.

A cybercriminal could now identify relationships among phone numbers, a useful data point for hackers trying to make their scams more believable.

For example, a hacker could see that a customer is in constant contact with a big bank’s line and could send a phishing attempt posing as the bank.

The hacker could text the customer saying, “This is Bank of America. We have some suspicious activity on your account. Click this link to review the charges, or call this number,” said John Dwyer, director of security research at Binary Defense, a cybersecurity solutions firm.

Or the hacker could pose as someone the customer has a personal relationship with, like a friend or family member. The age of artificial intelligence makes this even more pressing, according to Collin Walke, cybersecurity and data privacy partner at Hall Estill.

“Once they know who you’ve been communicating with, it allows deep fakes and those sorts of hacks to occur much easier,” Walke said.

Some customers’ cell tower ID numbers were also exposed, which could help some bad actors track down geolocations, Walke said. That could also make these hacking attempts more believable.

What customers should do

Cellphone users should always be careful about phishing and other scam attempts, especially as hackers become more and more sophisticated.

But AT&T customers should be hypersensitive to phone calls and text messages where they’re being asked to do things like call a number, click a link or transfer money. That includes requests from what appears to be a number that you normally communicate with, Dwyer said.

“If someone calls or texts you and asks you to do something, make sure you call them back to verify that it’s actually them,” Dwyer said.

Of course, without stricter cybersecurity regulation, there isn’t much customers can do to protect against data breaches. That responsibility lies with the federal government and giant telecom companies, which experts say widely go unchecked.

“I don’t think we should have an expectation that everyday Americans should be on the front lines of defending themselves for making sure the businesses they interact with have mandatory minimum cybersecurity in place,” Eric Noonan, CEO of cybersecurity provider CyberSheath said.

CNN’s Matt Egan and Sean Lyngaas contributed to this report.

For more CNN news and newsletters create an account at CNN.com

Advertisement