The call and text message records of nearly all AT&T mobile customers were exposed in a data breach, the company said Friday.
The company said in a filing with the US Securities and Exchange Commission that it learned in April that customer data had been illegally downloaded from an AT&T workspace to a third-party cloud platform .
The company said it is working with law enforcement to arrest those involved in the incident and that at least one person has been apprehended.
“We have an ongoing investigation into the AT&T breach and are coordinating with our law enforcement partners,” the Federal Communications Commission said on social media Friday morning.
Here’s what else you need to know about the massive data breach, if you’ve been affected, and what to do if you’re concerned about the potential exposure of sensitive information.
AT&T data breach:Do users need to do anything?
Who was affected by the AT&T breach?
In the SEC filing, AT&T said threat actors deleted files containing data on customer phone calls and text interactions that occurred roughly between May 1 and Oct. 31, 2022. The company said the compromised data also includes data from Jan. 2 2023 for a “very small number of customers”.
In addition to mobile customers, mobile virtual network operator (MVNO) customers using AT&T’s wireless network and AT&T landline customers who interacted with these mobile numbers were also affected.
AT&T said it will contact affected customers by text, email or US mail. Consumers can also check their accounts online to see if they have been affected.
What kind of data was exposed?
AT&T said in a press release Friday that “the data does not contain the content of calls or texts, personal information such as social security numbers, dates of birth or other personally identifiable information.”
“It also doesn’t include some typical information you see in your usage details, such as the time stamp of calls or messages,” the company added.
AT&T also said that while the compromised data also does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific phone number.
“At this time, we do not believe the data is publicly available,” the company said in the press release.
AT&T data breach:AT&T says nearly all of its mobile customers’ call and text data was exposed in massive breach
What should AT&T customers do?
AT&T said that as a general rule, customers should be wary of any phone calls or text requests that ask for personal, account or credit card details. If you suspect:
- Suspicious text activity: Don’t answer. Forward the text to AT&T so they can help you. Forwarded messages are free and won’t count against your text plan.
- You are a target of fraud on your AT&T wireless number: Report it to AT&T’s fraud team. If you suspect fraud on another account, call the customer service number on your bill for assistance.
AT&T also says customers should only open text messages from people they know and trust and should not reply to a message from an unknown sender with personal details.
What to do if your Social Security number has been exposed
While AT&T says Social Security numbers were not exposed in the data breach, customers who are concerned about exposure can follow this guidance from the Federal Trade Commission:
- Take advantage of free credit monitoring, if offered by the responsible company.
- Get free credit reports and check them for accounts or charges you don’t recognize.
- Set up a free credit freeze or fraud alert. A credit freeze makes it harder for someone to open an account in your name. However, a few extra steps will be required to briefly unlock the freeze if you’re applying for something that requires a credit check. A fraud alert requires businesses to verify your identity before issuing new credit in your name.
- Keep monitoring your credit reports at annualcreditreport.com, where you can check them weekly for free.
What to do if your credit card number or bank account information is compromised
While AT&T said “personally identifiable information” was not involved in the data breach, if you suspect your banking information was leaked, the FTC suggests:
- Contact your bank to close your account or cancel your credit or debit card and get a new one.
- Review transactions regularly to check for fraudulent charges.
- Updating each automatic payment with your new account information.
Contributed by: Chad Murphy, USA TODAY Network
Gabe Hauari is a national trending news reporter at USA TODAY. You can follow him on X @GabeHauari or email him at Gdhauari@gannett.com.