Skip to main content
CrankySec

Top Priority

Hello,

We’re reaching out to let you know that some of your data was accessed without authorization. Although we have no current indication of any public release or illegal use of your data, we really have no idea what the future holds. Might be one of those leaks that keep coming back to haunt you, eh? Just pray that the records of your phone calls and text messages don't get weaponized against you by, I don't know, some weird right-wing government wanting to see if you called Planned Parenthood. Or some violent domestic partner. Or the cops. Or the feds. Oh, wait. The feds already have it. It's in room 641A.

The number(s) included in the data attached to your account at the time ended in: 1234.

What happened?
We dumped terabytes of unencrypted data into Snowflake for no reason other than "because everyone else is doing it", and protected our Snowflake account (and your data) with only a username and password. We found out AT&T call and text records were accessed by cyber-criminals who have claimed responsibility for unlawful access to other companies in the past. At least one individual has since been arrested. Those guys are super l33t, yo. Like, using 0-days and things! But one guy being arrested makes it up for it, right? And it's not even our CISO! That's a win in our book.

What information was involved?
The investigation indicates the data included the phone numbers of your call and text interactions from May 1, 2022 to October 31, 2022. It also included counts of those calls/texts and total call durations for specific days or months.  And by "investigation" we mean "that's all the data that was there". Also we hired Mandiant or Google or whatever the hell those nerds are called these days.

The compromised data does not include the content of calls or text messages nor personal information, such as Social Security numbers, birth dates, or financial information. It also does not include some typical information you see in your usage details, such as the time stamp of calls or texts. We put this in bold letters to make sure you're aware of the fact that we don't think the data that did leak is all that important, and you should move on with your life, and don't even think about this, y'all. We're good!

What is AT&T doing?
Protecting customer data is a top priority. We have confirmed the affected system has been secured. We hold ourselves to high privacy standards and are always looking for ways to improve our security practices. So much so that this is not even the first time we fuck up! We love incident response so much that we keep doing it! And, don't worry! This exact same thing won't happen again because the "system has been secured" LOL. Also, we've informed the SEC through the submission of a Form 8-K that, according to our own internal analysis, all is well: No material impact of any kind. Thanks for your concern, but, as our stock price can attest, AT&T will be fine. Literally nothing happens to companies like AT&T. You? Who knows?

What can you do?
It is always advisable to be careful when taking calls from numbers that you do not recognize and stay alert to any fraud or theft attempts. You know, the calls that we don't block. If you fall for that shit, honestly, that's on you. And, really: what can you do, huh?

For more information and details about the information that was accessed, go to att.com/dataincident.

For additional tips on privacy and data protection, go to CyberAware.

We apologize for any inconvenience and remain committed to protecting the information in our care, even though we keep failing at that.

AT&T