July 12 CNN Report
AT&T said the compromised data includes the telephone numbers of “nearly all” of its cellular customers and the customers of wireless providers that use its network between May 1, 2022 and October 31, 2022.
The data was the metadata: Phone numbers called, call duration, number of times called/messaged. But cell tower site identification records may have been released.
The FCC is investigating according to their social media posts on X (formerly Twitter).
This data breach is not related to the March 2024 incident (73 million customer's PII on the dark web).
Department of Justice delayed public disclosure. National Security and public safety concerns
An advisory/notice from AT&T:
https://www.att.com/support/article/my-account/000102979
I requested my information, got the response that day. Very little detail.
News services are reporting the hacker was paid about $300,000 to erase the data stolen.
The data was stolen from an unsecured cloud server. The stolen data was stored on a cloud server. Cloud servers do backups and replication. Consider the data still available. I easily requested my data. Anyone can request your data with a little effort. Use multi-factor authentication protections on accounts.