AT&T Corp. has revealed a significant data breach that has compromised phone call and text message records for approximately 110 million of its customers. The telecommunications giant acknowledged that it had delayed disclosing the incident due to national security and public safety concerns, as the compromised records included data that could potentially reveal the origin and destination of calls and texts.

According to a regulatory filing with the U.S. Securities and Exchange Commission, AT&T stated that cyber attackers gained access to an AT&T workspace on a third-party cloud platform in April. They proceeded to download files containing customer call and text interactions that took place between May 1 and October 31, 2022, as well as on January 2, 2023.

The stolen data includes records of calls and texts for mobile providers reselling AT&T's service. However, AT&T reassured customers that the compromised data does not include the content of the calls or texts, Social Security numbers, dates of birth, or any other personally identifiable information.

Nevertheless, a subset of the stolen records does contain information about the location of cellular communications towers closest to the subscriber. This data could potentially be used to determine the approximate location of the customer device involved in the communication.

AT&T emphasized that while the stolen data does not include customer names, it is possible to identify the individuals associated with specific telephone numbers using publicly available online tools.

The breach was first detected on April 19, and AT&T initially delayed disclosing it at the request of federal investigators. The company's SEC filing revealed that at least one individual has been apprehended in connection with the incident.

The FBI confirmed that it had asked AT&T to postpone notifying affected customers. In a statement, the FBI explained that after being alerted to the potential breach, all parties had discussed delaying public reporting in accordance with SEC Rule 1.05(c) to ensure national security and public safety. The collaborative effort between AT&T, the FBI, and the Department of Justice involved sharing key threat intelligence to support the investigation and assist AT&T's incident response.

AT&T further claimed that the customer data was stolen as part of an ongoing data breach that also affected more than 160 customers of the cloud data provider Snowflake. It appears that malicious hackers obtained stolen Snowflake credentials from dark web services and used them to access accounts protected by weak username and password combinations. Snowflake has since implemented multi-factor authentication for new customers.

This breach is not the first time AT&T has experienced such a security incident. Earlier this year, the company reset passwords for millions of customers following a data breach in 2018 that affected approximately 7.6 million current AT&T account holders and 65.4 million former account holders.

AT&T assured the SEC that it does not anticipate this most recent incident to have a material impact on its financial condition or operations. The company reported revenues of over $30 billion in its most recent quarter.

The ongoing trend of major corporations storing vast amounts of sensitive customer data with insufficient security measures remains a cause for concern. Despite the potential class-action lawsuits that frequently follow these breaches, there appears to be inadequate accountability for lax security practices.

The scope and impact of this breach raise questions about the necessity for stronger protection of customer data and stricter regulations regarding data security across industries.