The hackers responsible for the massive breach of AT&T data last year targeted phone numbers and records associated with top officials and their families, including members of the Trump family, Kamala Harris, and Marco Rubio’s wife. This breach, which impacted nearly all of AT&T’s customers’ call and text metadata, posed a significant national security risk as the hackers planned to release a lookup tool for a fee. The number of breached records was larger than previously reported, with hackers even targeting specific individuals like Melania Trump, Ivanka Trump, Jared Kushner, and Tiffany Trump.
Senator Ron Wyden expressed concern over AT&T’s lax cybersecurity and the FCC’s response to the breach, citing a threat to U.S. national security. The breach, which occurred in April 2024, involved the hackers breaking into an AT&T instance of Snowflake, a data warehousing tool, and enriching the stolen data with publicly available information to identify phone number owners.
The two hackers, identified as Connor Riley Moucka from Canada and John Binns, an American hacker living in Turkey, were associated with a community known as the Com, which includes hackers, fraudsters, and criminals. Binns was arrested in Turkey in May 2024, while Moucka is in the process of being extradited to the United States. The stolen data, which included 50 billion customer call and text records, also encompassed records related to FirstNet, AT&T’s first responder communications network.
Following the breach, serious questions were raised regarding AT&T’s security measures, including the lack of multi-factor authentication on the compromised Snowflake instance. The FBI warned agents that the data could impact the security of their confidential sources. The FCC, under the leadership of Brendan Carr, has been investigating the breach, but recent actions on the FCC’s website suggest a shift in focus.
The reinstatement of complaints against major networks by Carr’s FCC has drawn criticism from previous FCC Chair Jessica Rosenworcel, who raised concerns about the agency’s approach. The investigation into the AT&T breach and the FCC’s response remain subjects of public scrutiny as the fallout from the data breach continues to unfold.