US telecommunications giant AT&T announced a breach in July that involved phone and text messaging logs from six months into 2022 from “almost all” of its more than 100 million customers. In addition to exposing details of personal communications for several Americans, the FBI has been alerted that the agent’s phone and text records were also included in the breach. Documents seen and first reported by Bloomberg show that the bureau has been scrambling to reduce the possibility of incidents that could lead to revelations about the identity of anonymous sources connected to the investigation. The breached data did not include the contents of phone calls and texts, but Bloomberg reports that it will share communication logs for agents’ mobile numbers and other phone numbers used for six months. It’s unclear how the stolen data was distributed, if at all. WIRED reported in July that after hackers tried to extort AT&T, the company paid $370,000 to try to delete the trove of data. In December, US investigators charged and arrested a suspect who was reportedly behind an entity that threatened to leak stolen data. The FBI has a serious responsibility to protect the identity and security of confidential human resources, who provide information every day to keep Americans safe, often at great risk to themselves. with law enforcement to reduce the impact on government operations” and appreciate the “thorough investigation” they conducted. “Due to the increased threat from cybercriminals and nation-state actors, we continue to increase investment in security as well as monitor and remediate our network,” Byers added. espionage group , which compromises many US telecoms, including AT&T. This separate situation exposes a smaller group of high-profile targets, and in some cases includes information like location data end-to-end encryption – like Signal or WhatsApp – for communication. Signal in certain stores has almost no metadata about customers and will not reveal which accounts have communicated with each other. This advice is good advice from a privacy perspective, but surprisingly because of the historic opposition of the US Department of Justice on the use of end-to-end encryption. If the FBI has grappled with the possibility that the informant itself has also been exposed by publishing new telecommunications, though, the chapter-face makes more sense. Text logs should not pose a big threat, said former NSA hacker and Hunter Strategy vice president of research Jake Williams. Standard operating procedures must be designed to account for the possibility that phone logs can be compromised, he said, and agents must communicate with sensitive sources using phone numbers that have been linked to them or the US government. The FBI may have warned of AT&T’s breach out of caution, Williams said, or it may have discovered that agent errors and protocol errors were captured in the stolen data. “It wouldn’t be a counterintelligence issue unless someone didn’t follow the procedures,” he said. the full impact of the breach may not be known. the fallout of the Salt Typhoon campaign,” Williams said. “And it looks like the U.S. government is still working on that.”
