Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
US Telecom giant AT&T disclosed a breach in July that included call and text logs for six months in 2022 for “all” of its more than 100 million customers. In addition to exposing details of the personal communications of a large number of American individuals, the FBI was on alert because call records and text messages of its agents were also included in the hack. document It was first seen and reported by Bloomberg It indicates that the office was striving to mitigate any potential repercussions that might lead to the disclosure of the identities of anonymous sources related to the investigations.
The breached data did not include the content of the calls and text messages, but Bloomberg reported that it would have exposed call logs for the agents’ cell phone numbers and other phone numbers they used during the six-month period. It is unclear how widespread the stolen data is, if any. WIRED reported in July that after hackers attempted to extort AT&T, The company paid $370,000 in an attempt to delete the data. In December, US investigators charged and arrested a suspect It is said He was behind the party that threatened to leak the stolen data.
“The FBI is constantly adapting our operational and security practices as physical and digital threats evolve,” the FBI tells WIRED in a statement. The FBI has a solemn responsibility to protect the identity and safety of confidential human sources, who provide information every day that keeps the American people safe, and is often at risk.
AT&T spokesman Alex Byers said in a statement that the company “worked closely with law enforcement to mitigate the impact on government operations” and appreciates its “thorough investigation.” “Given the growing threat from cybercriminals and state actors, we continue to increase investments in security as well as monitoring and remediation of our networks,” Byers adds.
The situation is coming to the fore amid ongoing revelations of a different hacking campaign carried out by Chinese spy group Salt Typhoon, which has compromised a large number of US telecommunications companies, including AT&T. This separate situation exposed call logs and text messages to a smaller group of specific, high-profile targets, and in some cases included recordings as well as information such as location data.
While the US government was quick to respond, One recommendation from the FBI The Cybersecurity and Infrastructure Security Agency intended for Americans to use end-to-end encrypted platforms – e.g signal or WhatsApp– To communicate. Signal in particular stores almost no metadata about its customers and does not reveal which accounts have communicated with each other if they are hacked. This suggestion was sound advice from a privacy perspective, but was very surprising given the advice of the US Department of Justice Historical opposition To use end-to-end encryption. If the FBI is grappling with the possibility that its informants may have been exposed in a recent communications breach, this shift makes more sense.
If agents strictly follow investigative communications protocol, call logs and text messages stolen from AT&T shouldn’t pose much of a threat, says Jake Williams, a former NSA hacker and vice president of Hunter Strategy research. He says standard operating procedures should be designed to take into account the potential for call logs to be compromised, and should require agents to communicate with sensitive sources using phone numbers that have never been linked to them or the U.S. government. The FBI may have cautioned against the AT&T hack out of an abundance of caution, or it may have discovered that customer errors and protocol errors were captured in the stolen data, Williams says. “This would only be a counterintelligence issue if someone was not following procedures,” he says.
Williams also adds that while it is known that the Salt Typhoon campaigns only affected a relatively small group of people, they affected many telecommunications companies, and the full impact of those breaches remains unknown.
“I am concerned about FBI sources who may have been influenced by this exposure to AT&T, but more broadly, the public still does not have a full understanding of the ramifications of the Salt Typhoon campaigns,” Williams says. “And it appears the US government is still working to understand that as well.”
