Something doesn't look right?

AT&T Data Breach Apr 2024

No known CVEs used

Subscribe for weekly updates

Security Incident Summary

Severity Score

High

Organization

AT&T

Threat Actor

UNC5537

Actor Type

Organized Crime

Type of Breach

3rd Party Compromise

News Timeline

Jul 15, 2024

Initial Disclosure

AT&T’s massive breach of metadata is a criminal treasure trove — as spy agencies know csoonline.com - The recent AT&T data breach, disclosed via an SEC 8-K filing, revealed that threat actors exfiltrated call data records (CDRs) from an AT&T workspace on a third-party cloud platform between April 14 a...
Show more

Organization Paid Attacker

AT&T Paid Hackers $370k to Delete Stolen Call Records thecyberexpress.com - AT&T paid approximately $370,000 in cryptocurrency to the hacker responsible for their data breach, which compromised tens of millions of call records, to have the stolen data deleted. The hacker, bel...
Show more

Paid

Paid Adversaries

AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records wired.com - AT&T paid $300,000 to a member of the ShinyHunters hacking group to delete stolen customer call records, securing proof of deletion via a video demonstration. The breach reportedly stemmed from poorly...
Show more

Jul 12, 2024

Initial Disclosure

AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack securityweek.com - Between April 14 and April 25, 2024, AT&T suffered a data breach that exposed the call and text interaction records of nearly all its wireless customers and those of mobile virtual network operators u...
Show more

Snowflake

Initial Disclosure

Massive AT&T data breach exposes call logs of 109 million customers bleepingcomputer.com - AT&T has disclosed that a massive data breach resulted in the theft of call logs for approximately 109 million customers, occurring between April 14 and April 25, 2024. The breach was traced back to c...
Show more

Initial Disclosure

Massive AT&T Data Breach: Call and Text Records of ‘Nearly All’ Customers Compromised thecyberexpress.com - The breach of AT&T's data, impacting nearly all customers' call and text records, was due to unauthorized access to cloud platform Snowflake, underscoring the severe risk of poor credential hygiene. W...
Show more

Later disclosure

AT&T confirms arrest in data breach of more than 110 million customers csoonline.com - AT&T revealed that it was the first enterprise allowed by the U.S. Department of Justice to keep the details of a massive data breach involving 110 million customers secret initially, then permitted t...
Show more

Secondary Compromises

AT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers darkreading.com - AT&T revealed that the breach of its Snowflake workspace, which occurred between April 14 and April 25, 2023, was due to leaked Snowflake account credentials, impacting nearly all AT&T wireless custom...
Show more

Organization Details

Organization Size

268220

HQ Location

Dallas, TX

Industry

Telecommunications

Security Stack used by AT&T at time of breach (best approximation) Why?

Network Security

VPN/SASE

IDS/IPS

Endpoint Security

EDR

MDM

Identity Management

SSO / MFA

IGA

Application Security

WAF

SCA

Cloud Security

CASB

CWPP

SIEM / Threat Intel

SIEM

TIP

Not right? Contribute more accurate data

What is AT&T?

AT&T Inc. is a major American multinational conglomerate specializing in telecommunications and digital entertainment services. Founded on October 5, 1983, as Southwestern Bell Corporation, AT&T's lineage traces back to Alexander Graham Bell's original Bell Telephone Company, established in 1877. Ov...
Show more