AT&T, one of the largest telecoms companies in the US, has disclosed that hackers have stolen more than six months of call and text message records from nearly all of its cellular network customers, exposing the confidential data of millions of Americans.
Based on its internal investigation, the company said that hackers unlawfully downloaded customer data from its workspace on a third-party cloud platform between April 14 and April 25, the Dallas-headquartered company said in a Securities and Exchange Commission filing on Friday.
It said that hackers had stolen files containing records of customer calls and texts that occurred between May 1 and October 31, 2022, as well as on January 2 last year.
Following the disclosure, the company’s stock dropped 0.40 per cent to trade at $18.78 a share at 2pm New York time (10pm UAE time).
The company first came to know about the hacker's claim of unlawfully gaining access to AT&T call logs on April 19. It added that the stolen data did not encompass the actual content of calls and text messages or the timestamps of those communications.
“The data does not contain the content of calls or texts, personal information such as social security numbers, dates of birth, or other personally identifiable information,” the company said in a regulatory filing.
“Current analysis indicates that the [compromised] data includes records of calls and texts of nearly all of AT&T’s wireless customers and customers of mobile virtual network operators using AT&T’s wireless network.”
AT&T said that although the compromised data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number.
The company’s wireless network has more than 127 million devices connected to it, per AT&T’s 2023 annual report.
The US Federal Communications Commission has also started an investigation into this incident.
“We have an ongoing investigation into the AT&T breach and we are co-ordinating with our law enforcement partners,” the FCC said in post on X, previously known as Twitter, on Friday.
AT&T said, based on the information provided, it believed that at least one person has been apprehended by law enforcement on suspicion of involvement in the hack.
“We will provide notice to current and former customers whose information was involved along with resources to help protect their information,” the company said on Friday.
AT&T's history of breaches and controversies
This is not the first time the US telecoms company has been caught on the wrong foot.
In March, AT&T said personal information, including social security numbers, of about 7.6 million current and almost 65.4 million former customers was released on to the dark web.
In December 2022, the company agreed to pay a $6.25 million penalty to settle a lawsuit by the SEC, which accused it of selectively leaking financial information to Wall Street analysts.
Filed in March 2021, the SEC lawsuit accused AT&T and three investor relations executives of leaking details about its smartphone business to 20 firms.
Justice Department delays public disclosure
AT&T said the US Department of Justice had suggested delaying the disclosure of the matter to the public.
“On May 9, 2024, and again on June 5, 2024, the US Department of Justice determined that, under Item 1.05(c) of Form 8-K, a delay in providing public disclosure was warranted,” it said in the filing without giving any further reason
CNN Business quoted an FBI statement as saying: “In assessing the nature of the breach, all parties discussed a potential delay to public reporting … due to potential risks to national security and/or public safety.
“AT&T, FBI and DOJ worked collaboratively through the first and second delay process, all while sharing key threat intelligence to bolster FBI investigative equities and to assist AT&T’s incident response work.”
BIGGEST CYBER SECURITY INCIDENTS IN RECENT TIMES
SolarWinds supply chain attack: Came to light in December 2020 but had taken root for several months, compromising major tech companies, governments and its entities
Microsoft Exchange server exploitation: March 2021; attackers used a vulnerability to steal emails
Kaseya attack: July 2021; ransomware hit perpetrated REvil, resulting in severe downtime for more than 1,000 companies
Log4j breach: December 2021; attackers exploited the Java-written code to inflitrate businesses and governments
MATCH RESULT
Liverpool 4 Brighton and Hove Albion 0
Liverpool: Salah (26'), Lovren (40'), Solanke (53'), Robertson (85')
Killing of Qassem Suleimani
Killing of Qassem Suleimani
MATCH INFO
Kolkata Knight Riders 245/6 (20 ovs)
Kings XI Punjab 214/8 (20 ovs)
Kolkata won by 31 runs
COMPANY%20PROFILE%20
%3Cp%3E%3Cstrong%3EName%3A%3C%2Fstrong%3E%20Haltia.ai%0D%3Cbr%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202023%0D%3Cbr%3E%3Cstrong%3ECo-founders%3A%3C%2Fstrong%3E%20Arto%20Bendiken%20and%20Talal%20Thabet%0D%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Dubai%2C%20UAE%0D%3Cbr%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20AI%0D%3Cbr%3E%3Cstrong%3ENumber%20of%20employees%3A%3C%2Fstrong%3E%2041%0D%3Cbr%3E%3Cstrong%3EFunding%3A%3C%2Fstrong%3E%20About%20%241.7%20million%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Self%2C%20family%20and%20friends%26nbsp%3B%3C%2Fp%3E%0A
Quick pearls of wisdom
Focus on gratitude: And do so deeply, he says. “Think of one to three things a day that you’re grateful for. It needs to be specific, too, don’t just say ‘air.’ Really think about it. If you’re grateful for, say, what your parents have done for you, that will motivate you to do more for the world.”
Know how to fight: Shetty married his wife, Radhi, three years ago (he met her in a meditation class before he went off and became a monk). He says they’ve had to learn to respect each other’s “fighting styles” – he’s a talk it-out-immediately person, while she needs space to think. “When you’re having an argument, remember, it’s not you against each other. It’s both of you against the problem. When you win, they lose. If you’re on a team you have to win together.”
What the law says
Micro-retirement is not a recognised concept or employment status under Federal Decree Law No. 33 of 2021 on the Regulation of Labour Relations (as amended) (UAE Labour Law). As such, it reflects a voluntary work-life balance practice, rather than a recognised legal employment category, according to Dilini Loku, senior associate for law firm Gateley Middle East.
“Some companies may offer formal sabbatical policies or career break programmes; however, beyond such arrangements, there is no automatic right or statutory entitlement to extended breaks,” she explains.
“Any leave taken beyond statutory entitlements, such as annual leave, is typically regarded as unpaid leave in accordance with Article 33 of the UAE Labour Law. While employees may legally take unpaid leave, such requests are subject to the employer’s discretion and require approval.”
If an employee resigns to pursue micro-retirement, the employment contract is terminated, and the employer is under no legal obligation to rehire the employee in the future unless specific contractual agreements are in place (such as return-to-work arrangements), which are generally uncommon, Ms Loku adds.
Dhadak 2
Director: Shazia Iqbal
Starring: Siddhant Chaturvedi, Triptii Dimri
Rating: 1/5
The specs: 2018 Mercedes-Benz E 300 Cabriolet
Price, base / as tested: Dh275,250 / Dh328,465
Engine: 2.0-litre four-cylinder
Power: 245hp @ 5,500rpm
Torque: 370Nm @ 1,300rpm
Transmission: Nine-speed automatic
Fuel consumption, combined: 7.0L / 100km
ACL Elite (West) - fixtures
Monday, Sept 30
Al Sadd v Esteghlal (8pm)
Persepolis v Pakhtakor (8pm)
Al Wasl v Al Ahli (8pm)
Al Nassr v Al Rayyan (10pm)
Tuesday, Oct 1
Al Hilal v Al Shorta (10pm)
Al Gharafa v Al Ain (10pm)
UAE currency: the story behind the money in your pockets
Eyasses squad
Charlie Preston (captain) – goal shooter/ goalkeeper (Dubai College)
Arushi Holt (vice-captain) – wing defence / centre (Jumeriah English Speaking School)
Olivia Petricola (vice-captain) – centre / wing attack (Dubai English Speaking College)
Isabel Affley – goalkeeper / goal defence (Dubai English Speaking College)
Jemma Eley – goal attack / wing attack (Dubai College)
Alana Farrell-Morton – centre / wing / defence / wing attack (Nord Anglia International School)
Molly Fuller – goal attack / wing attack (Dubai College)
Caitlin Gowdy – goal defence / wing defence (Dubai English Speaking College)
Noorulain Hussain – goal defence / wing defence (Dubai College)
Zahra Hussain-Gillani – goal defence / goalkeeper (British School Al Khubairat)
Claire Janssen – goal shooter / goal attack (Jumeriah English Speaking School)
Eliza Petricola – wing attack / centre (Dubai English Speaking College)
GAC GS8 Specs
Engine: 2.0-litre 4cyl turbo
Power: 248hp at 5,200rpm
Torque: 400Nm at 1,750-4,000rpm
Transmission: 8-speed auto
Fuel consumption: 9.1L/100km
On sale: Now
Price: From Dh149,900
How to turn your property into a holiday home
- Ensure decoration and styling – and portal photography – quality is high to achieve maximum rates.
- Research equivalent Airbnb homes in your location to ensure competitiveness.
- Post on all relevant platforms to reach the widest audience; whether you let personally or via an agency know your potential guest profile – aiming for the wrong demographic may leave your property empty.
- Factor in costs when working out if holiday letting is beneficial. The annual DCTM fee runs from Dh370 for a one-bedroom flat to Dh1,200. Tourism tax is Dh10-15 per bedroom, per night.
- Check your management company has a physical office, a valid DTCM licence and is licencing your property and paying tourism taxes. For transparency, regularly view your booking calendar.
