Crooks Steal Phone, SMS Records for Nearly All AT&T Customers
What specific data was exposed in the AT&T breach?
The AT&T breach exposed phone call and text message records for nearly all of its customers, including records of calls and texts for mobile providers that resell AT&T's service. The stolen data does not include the content of calls or texts, Social Security numbers, dates of birth, or any other personally identifiable information2. However, a subset of stolen records included information about the location of cellular communications towers closest to the subscriber, data that could be used to determine the approximate location of the customer device initiating or receiving those text messages or phone calls.
Why did AT&T delay the breach disclosure?
AT&T delayed the breach disclosure due to concerns related to national security and public safety, as the exposed data could potentially reveal the general location of one or more parties involved in the calls or texts2. The US Justice Department had requested the delay in disclosure.