AT&T Discloses Material Cybersecurity Incident

TL;DR

ATT hit by major cyberattack on May 6th, investigation ongoing.

AI Summary

AT&T Inc. filed an 8-K on July 12, 2024, disclosing a material cybersecurity incident that occurred on May 6, 2024. The filing indicates that the incident involved unauthorized access to AT&T systems, and the company is investigating the extent of the breach.

Why It Matters

This filing alerts investors and customers to a significant data security event, potentially impacting AT&T's reputation and operational integrity.

Risk Assessment

Risk Level: medium — Cybersecurity incidents can lead to data breaches, financial losses, regulatory scrutiny, and reputational damage.

Key Players & Entities

• AT&T INC. (company) — Filer of the 8-K
• 20240506 (date) — Date of the cybersecurity incident
• 20240712 (date) — Filing date of the 8-K

FAQ

Key Financial Figures

• $1.00 — ch registered Common Shares (Par Value $1.00 Per Share) T New York Stock Exchange D

Filing Documents

• t-20240506.htm (8-K) — 76KB
• 0000732717-24-000046.txt ( ) — 440KB
• t-20240506.xsd (EX-101.SCH) — 9KB
• t-20240506_def.xml (EX-101.DEF) — 30KB
• t-20240506_lab.xml (EX-101.LAB) — 66KB
• t-20240506_pre.xml (EX-101.PRE) — 32KB
• t-20240506_htm.xml (XML) — 27KB

05 Material Cybersecurity Incidents

Item 1.05 Material Cybersecurity Incidents. On April 19, 2024, AT&T Inc. ("AT&T") learned that a threat actor claimed to have unlawfully accessed and copied AT&T call logs. AT&T immediately activated its incident response process to investigate and retained external cybersecurity experts to assist. Based on its investigation, AT&T believes that threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated files containing AT&T records of customer call and text interactions that occurred between approximately May 1 and October 31, 2022, as well as on January 2, 2023, as described below. The data does not contain the content of calls or texts, personal information such as Social Security numbers, dates of birth, or other personally identifiable information. Current analysis indicates that the data includes, for these periods of time, records of calls and texts of nearly all of AT&T's wireless customers and customers of mobile virtual network operators ("MVNO") using AT&T's wireless network. These records identify the telephone numbers with which an AT&T or MVNO wireless number interacted during these periods, including telephone numbers of AT&T wireline customers and customers of other carriers, counts of those interactions, and aggregate call duration for a day or month. For a subset of records, one or more cell site identification number(s) are also included. While the data does not include customer names, there are often ways, using publicly available online tools, to find the name associated with a specific telephone number. AT&T has taken additional cybersecurity measures in response to this incident including closing off the point of unlawful access. AT&T will provide notice to its current and former impacted customers. On May 9, 2024, and again on June 5, 2024, the U.S. Department of Justice determined that, under Item 1.05(c) of Form 8-K, a delay in providing public disclosure

01 Financial Statements and Exhibits

Item 9.01 Financial Statements and Exhibits. (d) Exhibits 104 Cover Page Interactive Data File (embedded within the Inline XBRL document) Signature Pursuant to the requirements of the Securities Exchange Act of 1934, the Registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized. AT&T INC. Date: July 12, 2024 By: / s/ Stacey Maris . Stacey Maris Senior Vice President, Secretary and Chief Privacy Officer

View Full Filing

View this 8-K filing on SEC EDGAR