AT&T reports that data from approximately 109 million U.S. customer accounts was illegally accessed and downloaded.


AT&T announced on Friday that it had experienced a significant security breach, resulting in the unauthorized access and download of customer account data. The compromised information includes call and text records from 2022 for approximately 109 million customers. The company is actively investigating the incident and taking steps to safeguard customer data.

The Federal Bureau of Investigation (FBI) is conducting an investigation into an incident involving the unauthorized copying of AT&T call logs from a third-party cloud platform. At least one individual has been apprehended in connection with this significant breach of consumer communication records.

AT&T has disclosed that a data breach has occurred, affecting records of calls and texts for a substantial portion of its cellular and landline customers. The compromised data spans from May 2022 to October 2022. It’s crucial to note that the content of calls, texts, and personal information, such as social security numbers, remain secure.

AT&T stock experienced a decline of 2% in pre-market trading activities.

The Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) have not yet provided an official statement regarding the matter.

Additionally, a limited number of customer records from January 2, 2023, were also affected by the data breach.

On April 19th, AT&T became aware of a claim made by a hacker regarding the unauthorized access and copying of AT&T call logs. Our subsequent investigation revealed that between April 14th and April 25th, unauthorized individuals infiltrated our systems and exfiltrated files containing customer call and text interaction records. These records also include AT&T customers of mobile virtual network operators utilizing AT&T’s wireless network.

These logs identify telephone numbers that a wireless number communicated with during these timeframes and provide a summary of the total call duration. A select number of records also include one or more cell site identification numbers.

AT&T has implemented additional cybersecurity measures, including the closure of the unauthorized access point. Customers will be notified of the incident and a dedicated website will be established to assist them in determining if their data has been compromised.

AT&T is cooperating with law enforcement and has postponed public notification in accordance with the Justice Department’s decision. AT&T does not believe that the data has been made publicly available.

The organization shared that the event has not had a significant effect on AT&T’s operations.