Massive AT&T hack compromises phone, text records of "nearly all" customers

• The stolen data includes "records of calls and texts of nearly all of AT&T's cellular customers," other customers using AT&T's wireless network, and "AT&T's landline customers who interacted with those cellular numbers between May 1, 2022 - October 31, 2022," AT&T said in a statement Friday.
• The breach also included a data from a small portion of customers dating to early January 2023.

Driving the news: The company learned in April that hackers had successfully downloaded customer data from its third-party cloud service, per the statement.

• The company initially disclosing the hack in a regulatory filing.

Zoom in: Hackers did not obtain the content of the calls or texts, users' personal information, or the time stamps of the calls or texts, AT&T said.

• However, while customer names were not leaked, it is possible they could be gleaned using other publicly available tools, the company warned.
• AT&T reported the hack to the FBI shortly after it was identified, but public disclosure of the hack was delayed twice due to a potential national security risk or threat to public safety, the FBI told Axios in a statement Friday.
• AT&T, the FBI and the Justice Department "worked collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T's incident response work," the FBI added.

The big picture: The Federal Communications Commission said Friday that it has an "ongoing investigation into the AT&T breach" and is working with other law enforcement partners.

• AT&T said it is working with law enforcement and has "taken steps to close off the illegal access point."
• "We understand that at least one person has been apprehended," the company added.

Go deeper: AT&T outage was "not a cyber attack"

Editor's note: This story was updated with additional developments.