Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
US telecom giant AT&T disclosed a breach in July that affected phone and text messages from six months into 2022 of “approximately” more than 100 million of its customers. In addition to revealing the communications information of the Americans they killed, however, the FBI has been alerted that their phone calls and records were also included in the breach. Document was first spotted and reported by Bloomberg it shows that the office has been trying to minimize any risk that could lead to the disclosure of unknown information connected to the investigation.
The data that was breached did not include the content of calls and texts, but Bloomberg reported that it would have revealed the agents’ mobile numbers and other phone numbers they used over a six-month period. It is unclear how widely the stolen data has spread, if at all. WIRED reported in July that after the hack attempted to take over AT&T, the company paid $370,000 to try to have the data breach removed. In December, US investigators filed charges and arrested a suspect he says it was behind the organization that threatened to release the stolen data.
The FBI tells WIRED in a statement: “The FBI is constantly evolving our systems and security as physical and digital threats evolve. The FBI has a strong responsibility to protect the privacy of individuals, who provide information every day that keeps Americans safe, often at risk.” “
AT&T spokesman Alex Byers said in a statement that the company “worked closely with the authorities to mitigate the concerns of the government” and praised the “thorough investigation” they conducted. “Given the increased threat posed by cybercriminals and state actors, we continue to increase investment in security and monitoring and maintenance of our network,” adds Byers.
The developments reveal the ongoing hacking campaign by China’s Salt Typhoon spy group, which compromised many US companies, including AT&T. This revealed the phone records and voices of a small group of high-profile users, and in some cases included recordings and information such as location data.
As the US government struggled to respond, one suggestion from the FBI and the Cybersecurity and Infrastructure Security Agency have been Americans to use the platforms hidden to the end – as A symbol or WhatsApp– communication. Signal mainly stores almost all metadata about its customers and will not reveal the accounts that have been connected to each other in the event of a breach. The idea was good advice for privacy, but it was a big surprise for the US Justice Department. opposition history using end-to-end encryption. If the FBI has been grappling with the possibility that its informants may have been exposed by the latest telecom breach, however, the about-face is understandable.
If agents follow strict investigative procedures, AT&T’s calls and stolen records shouldn’t pose a threat, said former NSA hacker and Hunter Strategy vice president of research Jake Williams. Procedures should be developed to ensure that call logs cannot be tampered with, he says, and should require agents to communicate with victims using phone numbers that have never been linked to them or the US government. The FBI may have been alerting to the AT&T breach out of caution, Williams says, or they may have discovered that agent mistakes and protocol errors were caught in the hack. “This can’t be a counter-intellectual issue unless someone is not following the policy,” he says.
Williams adds that, while the Salt Typhoon campaign is known to have affected a small group of people, it affected a large number of telephones, and the full extent of the breach remains unknown.
“I’m concerned about the FBI sources who may have been involved in the AT&T show, but by and large the public doesn’t fully understand the fallout from the Salt Typhoon campaign,” Williams says. “And it seems that the US government is still trying to understand this.”
