On July 12, 2024, AT&T Inc. submitted a report to the U.S. Securities and Exchange Commission (SEC) in Washington D.C., regarding a cyber security incident. The incident, discovered on April 19, 2024, involved unauthorized individuals accessing and copying AT&T call logs. Following the discovery, AT&T promptly initiated its incident response protocol, launching an investigation and enlisting the expertise of external cyber security professionals. The investigation determined that between April 14 and April 25, 2024, unauthorized individuals used a third-party system to retrieve files containing customer call and text interaction records from May 1 to October 31, 2022, and January 2, 2023. The accessed data does not consist of the content of calls or messages, sensitive details like Social Security numbers, birthdates, or any other Personally Identifiable Information (PII). Furthermore, the investigation revealed that the data encompasses almost all of AT&T’s wireless subscribers and customers of Mobile Virtual Network Operators (MVNO) that utilize AT&T’s wireless infrastructure. “While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number,” AT&T said as a warning.

AT&T Inc. is an American multinational conglomerate holding company that is headquartered in Dallas, Texas. It’s the world’s largest telecommunications company and the largest provider of mobile telephone services in the U.S. It began its history as Southwestern Bell Telephone Company, a subsidiary of the Bell Telephone Company, founded by Alexander Graham Bell in 1880, which later evolved into American Telephone and Telegraph Company in 1885, which later rebranded as AT&T Corporation. Today, AT&T offers a wide range of services including wireless communications, local exchange services, long-distance services, data/broadband and Internet services, video services, telecommunications equipment, managed networking, and wholesale services.

AT&T stated, “Our top priority, as always, is our customers. We will provide notice to current and former customers whose information was involved along with resources to help protect their information. We sincerely regret this incident occurred and remain committed to protecting the information in our care.” In addition to this, they further emphasized their commitment to data security by saying, “Protecting your data is one of our top priorities. We have confirmed the affected access point has been secured. We hold ourselves to a high standard and commit to delivering the experience that you deserve. We constantly evaluate and enhance our security to address changing cyber security threats and work to create a secure environment for you. We invest in our network’s security using a broad array of resources including people, capital, and innovative technology advancements.”