Hackers may have stolen FBI call logs from AT&T that could compromise informants

US telecommunications giant AT&T disclosed a breach in July that included “almost all” of its more than 100 million customers’ call and text messaging logs from six months in 2022. In addition to exposing private communication details for many individual Americans, the breach has put the FBI on alert that its agents’ call and text records were also included. A document seen and first reported by Bloomberg indicates that the bureau is seeking to minimize any potential consequences that could result from disclosures about the identities of unnamed sources connected to the investigation.

The breached data did not include the content of calls and texts, but Bloomberg reports that it may have shown communication logs for agents’ mobile numbers and other phone numbers over a six-month period. It’s unclear how widely the stolen data spread, if at all. WIRED reported in July that after hackers attempted to rob AT&T, the company paid $370,000 in an attempt to have the data trove deleted. In December, US investigators charged and arrested a suspect who was allegedly behind the entity that threatened to leak the stolen data.

The FBI tells WIRED in a statement: “The FBI continually adapts our operational and security practices as physical and digital threats evolve. The FBI has a grave responsibility to protect the identity and security of undercover human resources, who every day provide information that keeps the American people safe, often putting themselves at risk.”

AT&T spokesman Alex Byers said in a statement that the company “worked closely with law enforcement to minimize the impact on government operations” and praised the “thorough investigation” they conducted. “Given the growing threat from cybercriminals and nation-state actors, we continue to monitor and improve our networks while increasing investment in security,” added Byers.

The situation comes amid ongoing revelations about a separate hacking campaign run by China’s Salt Typhoon spy group, which compromised several US telecoms, including AT&T. This separate situation exposed call and text logs for a small group of specific high-profile targets, and in some cases included recordings as well as information such as location data.

As the US government scrambled to respond, one recommendation from the FBI and the Cybersecurity and Infrastructure Security Agency was for Americans to use end-to-end encrypted platforms, like Signal or WhatsApp, to communicate. Signal in particular stores almost no metadata about its customers and would not reveal which accounts have communicated with each other if it were breached. This suggestion was sound advice from a privacy perspective, but it was surprising in view of the US Department of Justice’s historical resistance to the use of end-to-end encryption. If the FBI is grappling with the possibility that its own informants have recently been exposed by a telecom breach, however, the about-face makes more sense.

Jake Williams, a former NSA hacker and vice president of Hunter Strategy Research, says that if agents were strictly following procedures for investigative communications, the stolen AT&T call and text logs shouldn’t pose a major threat. Standard operating procedures should be designed for the possibility that call logs may be compromised, and agents should be required to communicate with sensitive sources using phone numbers that have never been linked to them or the US government. Williams says the FBI may have warned of AT&T’s breach out of an abundance of caution, or may have found agent mistakes and protocol errors in the stolen data. “It wouldn’t be a counterintelligence issue unless someone was following a process,” he says.

Williams also said that, while the Salt Typhoon campaigns are known to have only affected a relatively small group of people, they affected many telecoms, and the full impact of those breaches may not yet be known.

“I’m concerned about the FBI resources that may be affected by this AT&T exposure, but more broadly the public still doesn’t have a full understanding of the fallout from the Salt Typhoon campaigns,” Williams says. “And it looks like the U.S. government is still working on making sense of it.”
