AT&T Data Breach: How to Check if Your Information Was Compromised

AT&T, the telecom giant, recently announced a significant breach that has impacted its cellular customers. If you were an AT&T customer between May 1, 2022, and Oct. 31, 2022, it's probable that your data has been compromised, as the company disclosed that "nearly all" cellular customers' records were accessed by hackers during that period. Additionally, a "very small number of customers" who were AT&T customers from Jan. 2, 2023, may also have had their data exposed.

Checking for Compromise

Customers are encouraged to log into their accounts to verify if their data has been compromised. Upon logging in, they can instantly ascertain if their data was affected. Furthermore, customers have the option to request a report that presents the compromised technical information in a more user-friendly format. AT&T has provided the link att.com/DataIncident for customers to obtain more information regarding the breach.

Data Involved and Customer Alerts

The compromised data primarily encompasses records of calls and texts for AT&T customers. Notably, it does not encompass the actual content of the calls or texts, or personal details such as Social Security numbers, birth dates, or other personally identifiable information. AT&T has assured that it will notify impacted customers through various channels such as text, email, or U.S. mail. However, the company is not currently offering identity theft protection to affected customers.

Reasons for Delay in Customer Notification

AT&T disclosed that it became aware of the breach in April, but delayed informing customers as it was collaborating with entities such as the Department of Justice and the FBI. These agencies cautioned that disclosing the breach could pose security risks, thus leading to the delay in notifying customers. Patrick Schaumont, a professor in the Department of Electrical & Computer Engineering at Worcester Polytechnic Institute, explained the national security concern, stating that the call logs can reveal social and professional networks, which may be a liability for individuals relevant to national security.

AT&T has not disclosed the identity of the hacker or hackers responsible for the breach, although one individual has been apprehended in connection with the incident.