United States telecom giant AT&T in July disclosed a breach involving six months of call and text messaging logs in 2022 of “almost all” of its more than 100 million customers. However, in addition to exposing personal communication details for many Americans, the FBI has been cautious that its agents' call and text records were also included in the breach. a document First spotted and reported by Bloomberg indicates that the Bureau is struggling to minimize any potential fallout that could arise from revelations about the identities of anonymous sources connected to the investigation.
The breached data did not include the content of calls and texts, but Bloomberg reports that it may have shown communication logs of the agents' mobile numbers and other phone numbers they used during a six-month period. It's unclear how widely the stolen data was spread, if at all. WIRED reported in July that after hackers attempted extortion from AT&T, Company paid $370,000 in effort to remove data repositoryIn December, US investigators charged and arrested a suspect Allegedly Was behind the entity that threatened to leak the stolen data.
The FBI told WIRED in a statement: “The FBI continues to adapt our operational and security practices as physical and digital threats evolve. The FBI has a grave responsibility to protect the identity and security of confidential human sources who provide information that keeps the American people safe every day, often at risk to themselves.
AT&T spokesman Alex Byers said in a statement that the company “worked closely with law enforcement to minimize the impact on government operations” and appreciates the “thorough investigation” they conducted. “Given the growing threat from cyber criminals and nation-state actors, we continue to monitor and improve our networks while increasing investment in security,” says Byers.
The situation comes amid ongoing revelations about a separate hacking campaign run by China's Salt Typhoon espionage group, which has compromised several US telecoms, including AT&T. This isolated situation exposed call and text logs to a small group of specific high-profile targets, and in some cases included information such as location data along with the recordings.
As the US government struggled to respond, A recommendation from the FBI And the Cybersecurity and Infrastructure Security Agency has been for Americans to use end-to-end encrypted platforms Signal Or WhatsApp-To communicate. Notably Signal stores almost no metadata about its customers and would not reveal which accounts communicated with each other if it was breached. This suggestion was good advice from a privacy standpoint, but it was surprising considering the US Department of Justice historical opposition For use of end-to-end encryption. However, if the FBI is grappling with the possibility that its own informants may have been exposed by a recent telecommunications breach, this position makes more sense.
However, if agents were strictly following investigative communications, the stolen AT&T call and text logs should not pose a major threat, says Jake Williams, a former NSA hacker and vice president of Hunter Strategy Research. He says standard operating procedures should be designed to take into account the possibility that call logs could be compromised, and agents should be required to communicate with sensitive sources using phone numbers that are never used. Have also not been associated with them or the US government. Williams says the FBI could have alerted AT&T about the breach out of an abundance of caution, or discovered that agents' mistakes and protocol errors had factored into the stolen data. “It wouldn't be a counterintelligence issue unless someone was following procedure,” he says.
Williams also says that although it is known that the Salt Typhoon campaigns affected a relatively small group of people, they affected many telecommunications, and the full impact of those breaches may still not be known.
Williams says, “I am concerned about FBI sources who may be affected by this AT&T exposure, but the public at large still does not have a full understanding of the fallout from the Salt Typhoon campaigns.” “And it looks like the U.S. government is still working on understanding it.”