AT&T revealed it was hit by a major hack of customer data impacting nearly all of its subscribers during a six-month period in 2022, in one of the biggest breaches ever to hit the communications industry.

In a regulatory filing, the US operator stated it learned in April “a threat actor” claimed to have unlawfully accessed and copied call logs.

The company then investigated the claim, finding unlawful access on an AT&T workspace on a third-party cloud platform which compromised the data of nearly all its wireless customers and those of MNVOs using its network. The breach included AT&T landline customers who interacted with the impacted mobile numbers.

Bloomberg reported the third-party platform is run by cloud company Snowflake.

Hackers exfiltrated records of customer calls and text interactions covering the period between 1 May and 31 October 2022. The breach did not contain the content of calls or texts, or personal information including social security numbers and dates of birth.

A “very small” number of customers also had data compromised from 2 January 2023.

AT&T stated it had around 110 million wireless subscribers at end-2022 and will begin informing impacted customers. It has taken additional cybersecurity measures to respond to the incident.

It has taken until now to disclose the breach because the US Department of Justice had determined on two occasions in May and June that “a delay in public disclosure was warranted”.

Bloomberg noted the breach has the potential to be devastating for some customers, particularly if certain individuals are sensitive about who they are calling.

AT&T added the incident had not had a material impact on operations and it does not believe it will materially impact its financial condition.

In April, the company also revealed a separate hack impacting 7.6 million customers and 65.4 million former account holders.