How to know if you were affected by the AT&T data breach and what to do next
The call and text message records of nearly all of AT&T's cellular customers were exposed in a data breach, the company said Friday.
The company said in a filing with the U.S. Securities and Exchange Commission it learned in April that customer data was illegally downloaded from an AT&T workspace on a third-party cloud platform.
The company said it is working with law enforcement to arrest those involved in the incident, and that at least one person has been apprehended.
"We have an ongoing investigation into the AT&T breach and we're coordinating with our law enforcement partners," the Federal Communications Commission said on social media Friday morning.
Here's what else to know about the massive data breach, if you were affected and what to do if you are concerned about possible exposure of sensitive information.
AT&T data breach:Do users need to do anything?
Who was affected by the AT&T breach?
In the SEC filing, AT&T said the threat actors exfiltrated files containing records of customer call and text interactions that occurred approximately between May 1 and October 31, 2022. The company said the compromised data also includes records from January 2, 2023 for a "very small number of customers."
In addition to cellular customers, customers of mobile virtual network operators (MVNOs) using AT&T's wireless network and AT&T landline customers who interacted with these cellular numbers were also affected.
AT&T said it will contact affected customers by text, email or U.S. mail. Customers can also check their accounts online to see if they were affected.
What type of data was exposed?
AT&T said in a news release Friday that "the data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information."
"It also does not include some typical information you see in your usage details, such as the time stamp of calls or texts," the company added.
AT&T also said that while the compromised data also does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.
"At this time, we do not believe that the data is publicly available," the company said in the news release.
AT&T data breach:AT&T says nearly all of its cell customers' call and text records were exposed in massive breach
What should AT&T customers do?
AT&T said that as a general rule, customers should remain cautious of any phone call or text request asking you for personal, account or credit card details. If you suspect:
- Suspicious text activity: Do not reply. Forward the text to AT&T so they can assist you. Forwarded messages are free and won't count toward your text plan.
- You are a target of fraud on your AT&T wireless number: Report it to AT&T's fraud team. If you suspect fraud on another account, call the customer service number on your bill for help.
AT&T also says customers should only open text messages from people you know and trust, and shouldn't reply to a text from an unknown sender with personal details.
What to do if your Social Security number has been exposed
While AT&T says Social Security numbers were not exposed in the data breach, customers who are concerned about being exposed can follow this guidance from the Federal Trade Commission:
- Take advantage of free credit monitoring, if offered by the company responsible.
- Get free credit reports and check them for accounts or charges you don't recognize.
- Place a free credit freeze or fraud alert. A credit freeze makes it harder for someone to open an account in your name. However, it will require a few extra steps to briefly unlock the freeze if you apply for something that requires a credit check. A fraud alert requires businesses to verify your identity before they issues new credit in your name.
- Continue to monitor your credit reports at annualcreditreport.com, where you can check them weekly for free.
What to do if your credit card number or bank account information is compromised
While AT&T said that "personally identifiable information" wasn't involved with the data breach, if you suspect your banking information has been leaked, the FTC suggests:
- Contacting your bank to close your account or cancel your credit or debit card and get a new one.
- Reviewing transactions regularly to check for fraudulent charges.
- Updating any automatic payments with your new account information.
Contributing: Chad Murphy, USA TODAY Network
Gabe Hauari is a national trending news reporter at USA TODAY. You can follow him on X @GabeHauari or email him at [email protected].