The FBI has raised alarms over last year’s cyberattack on AT&T’s systems, warning that months of agents’ call and text logs may have been stolen. According to a document reviewed by Bloomberg News, the breach prompted the bureau to take immediate steps to protect the identities of its confidential informants.
The document indicates that data from all FBI devices using AT&T’s public safety network was likely compromised in the breach, which exposed six months of mobile phone records from 2022. While the contents of communications were not included in the stolen data, the records are believed to contain the mobile numbers of FBI agents and the numbers they called or texted. This information could potentially link agents to confidential sources.
According to the document, the compromised records did not include communications routed through encrypted messaging apps or those outside the AT&T network. However, the exposure of agents’ call logs alone raises significant concerns about the safety of informants and the integrity of ongoing investigations.
AT&T’s disclosure and hacker demands
AT&T publicly disclosed the breach in July 2024, confirming that attackers had accessed billions of call and text records. The hackers threatened to sell the stolen data unless AT&T paid an extortion fee. A source familiar with the breach confirmed to Bloomberg News that at least one FBI agent’s call logs were included in the stolen data, underscoring the sensitive nature of the information.
The FBI’s concern over the potential exposure of its informant network highlights the far-reaching implications of cyberattacks targeting telecom providers. Former intelligence and law enforcement officials have warned that stolen call logs could allow foreign adversaries to trace confidential informants, undermining national security operations and criminal investigations.
US authorities are also investigating a series of separate cyberattacks attributed to Chinese state-backed hackers, who infiltrated nine telecommunications companies, including AT&T. These breaches reportedly targeted communications within government and political circles.
The FBI has not disclosed whether any specific investigations or informants have been compromised. However, the bureau emphasised its ongoing efforts to adapt to emerging threats. “The FBI has a solemn responsibility to protect the identity and safety of confidential human sources, who provide information every day that keeps the American people safe, often at risk to themselves,” the agency said in a statement.
AT&T and other major telecom providers, including Verizon, have stated that they are collaborating with US authorities to strengthen cybersecurity measures. “After criminals stole customer data last year, we worked closely with law enforcement to mitigate impact to government operations,” stated AT&T spokesperson Alex Byers. National Security Adviser Jake Sullivan recently announced steps to address foreign-linked cyber-espionage campaigns targeting US telecom networks.
Read more: Salt Typhoon targets more US telecoms in widening attack campaign
