Hackers Likely Stole FBI Call Logs From AT&T That Could Compromise Informants

US telecom giant AT&T has disclosed a breach involving call and text messaging logs from six months in 2022 of “almost all” of its more than 100 million customers. The breach exposed personal contact details for several individual Americans, and the FBI has also cautioned that its agents’ call and text records were included in it. A document seen and first reported by Bloomberg indicates that the bureau is scrambling to mitigate any potential fallout from revelations about the identities of anonymous sources connected to investigations.

The data breach did not include the content of calls and texts, but Bloomberg reported that it showed contact logs between agents’ mobile numbers and other phone numbers over a six-month period. It’s unclear how widely the stolen data has spread. In July, WIRED reported that after hackers tried to extort AT&T, the company paid $370,000 in an attempt to have the data trove deleted. In December, US investigators charged and arrested a suspect who was allegedly behind the threat to leak the stolen data.

The FBI tells WIRED in a statement: “The FBI continually adapts our operational and security practices as physical and digital threats evolve. The FBI has a solemn responsibility to protect the identity and protection of confidential human sources, who every day provide information that keeps the American people safe, often at great risk to themselves.”

AT&T spokesman Alex Byers said in a statement that the company “worked closely with law enforcement to minimize the impact on government operations” and appreciates the “thorough investigation” they conducted. “Given the growing threat posed by cybercriminals and nation-state actors, we continue to increase investments in security as well as monitoring and remediation of our networks,” Byers added.

The situation comes amid ongoing revelations about a different hacking campaign run by China’s Salt Typhoon spy group, which has compromised several US telecoms, including AT&T. That separate campaign exposed call and text logs for a small group of specific high-profile targets, and in some cases included recordings as well as information such as location data.

The US government has scrambled to respond. One recommendation from the FBI and the Cybersecurity and Infrastructure Security Agency is for Americans to use end-to-end encrypted platforms, such as Signal or WhatsApp, to communicate. Signal stores almost no metadata about its customers and would not reveal which accounts have interacted with each other if it were breached. The advice was sound from a privacy perspective, but it was surprising considering the US Department of Justice’s historical opposition to the use of end-to-end encryption. If the FBI is grappling with the possibility that its own informants could be exposed by the recent telecom breach, the about-face makes more sense.

If agents strictly follow protocol for investigative communications, though, the stolen AT&T call and text logs shouldn’t pose a major threat, said Jake Williams, a former NSA hacker and vice president of Hunter Strategy Research. Standard operating procedure should be designed for the possibility that call logs could be compromised, he said, and should require agents to contact sensitive sources using phone numbers that have never been linked to them or the US government. The FBI could be being overly cautious about the AT&T breach, Williams said, or it could discover evidence in the stolen data that agents made mistakes and protocol errors. “It wouldn’t be a counterintelligence problem unless someone followed the procedure,” he said.

Williams added that although the Salt Typhoon campaigns are known to have affected only a relatively small group, they affected many telecoms, and the full impact of that breach is not yet known.

“I am concerned about FBI sources who may be affected by this AT&T exposure, but more broadly the public still does not have a full understanding of the results of the Salt Typhoon campaign,” Williams said. “And it seems that the US government is still working to realize that.”
