The US Federal Communications Commission (FCC) revealed a huge data breach disclosed by AT&T last week was already the subject of an investigation, while US media attention on the issue continues, including speculation over a potential ransom payment.

On its X social media account, the FCC stated it was also coordinating with domestic law enforcement agencies over the issue.

AT&T revealed customer data mostly dating back to 2022 had been illegally downloaded from its workspace on a third-party cloud platform. The identity of the platform provider has been reported by multiple media outlets as being Snowflake.  

The operator learned of the breach in April and has been working with law enforcement authorities since. In its initial statement, AT&T claimed it believed “at least one person has been apprehended” and the stolen data was not thought to be publicly available.

But two days after AT&T’s disclosure, Bloomberg reported a hacker claiming to have been involved in the incident said they had been paid $400,000 to erase the data. The news outlet’s ransomware expert source apparently confirmed a payment had been received by the hacker.

AT&T and authorities in the US did not comment to a potential payment, Bloomberg added.