We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

AT&T Breach Exposes Call Logs of 109 Million Customers

AT&T Breach Exposes Call Logs of 109 Million Customers
Author Image Keira Waddell
Keira Waddell Published on 17th July 2024 Senior Writer

AT&T has revealed that the call and text logs of approximately 109 million customers were exposed in a data breach. The breach, which occurred between April 14 and April 25, 2024, involved unauthorized access to data stored on a third-party cloud platform operated by Snowflake.

The compromised data includes records of calls and texts from May 1 to October 31, 2022, and a small subset from January 2, 2023. While the content of the calls and messages was not accessed, the exposed data includes phone numbers, total count of calls and texts and to what numbers, and call durations. Additionally, for some customers, cell site identification numbers were included, which could potentially reveal approximate locations during communications.

AT&T confirmed the breach in a filing with the Securities and Exchange Commission (SEC), explaining that threat actors had unlawfully accessed an AT&T workspace on a third-party cloud platform (Snowflake). The company emphasized that sensitive personal information, such as Social Security numbers, dates of birth, and customer names, were not exposed. However, it acknowledged that publicly available tools can often link phone numbers to specific individuals.

The breach affects not only AT&T cellular customers but also those of other wireless providers using AT&T’s network and AT&T landline customers who communicated with affected cell numbers. AT&T’s 2023 annual report lists 127 million devices connected to its wireless network.

Following the discovery of the breach, AT&T took immediate steps to secure the access point. The company has been collaborating with the FBI and the Department of Justice in response to the incident. AT&T reported that at least one individual involved in the breach has been apprehended.

To address the potential risks, AT&T will be notifying current and former customers whose data was compromised and is providing resources to help them protect their information. The company has assured customers via a notice on its website that they don’t believe that the stolen data has been made publicly available.

AT&T is the latest company to suffer from the Snowflake attack, with previous victims including Santander and Ticketmaster. The breach has been attributed to a cybercriminal group, known only by the identifier UNC5537, as identified by Mandiant.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address