The FBI is reportedly in a panic over a possible leak of informant data thanks to an AT&T data breach.
Bloomberg says it has obtained an internal document from the Bureau discussing the risk posed to its investigations thanks to call records that were included in the data stolen in the breach.
The report notes that the FBI has been taking steps to secure both its agents and their sources who may have been exposed by the stolen logs.
While the data has yet to be dumped in public underground forums, the fear is that the hackers themselves or the nation-state sponsoring them could be mining the cache to obtain agent call and text logs.
The worry, according to the FBI, is that the call data could be obtained by criminal or espionage organizations and the logs used to unmask confidential informants, potentially compromising investigations and putting informants’ lives at risk.
The FBI has yet to officially confirm or deny the accuracy of the report or the authenticity of the document.
The data in question was said to have been pilfered during an attack occurring in April last year. When it disclosed the breach, AT&T said the attack was the result of a supply-chain attack connected to the breach as service provider Snowflake.
It was said at the time that the breach impacted around 100 million accounts, nearly all of AT&T’s US wireless customer base. The lost data included customer call logs as well as text records generated between May 1 and October 31 in 2022.
In addition to the company’s direct customers, the breach also impacted data from those using its virtual network operator partners.
The breach was one of many major data exposure incidents to have inspired legislators in the US to push for stricter reporting laws and harsher penalties for companies that fail to report data breach incidents in a timely manner.
The FBI response also shows why those stricter laws could be particularly useful to law enforcement as it would allow those agencies to quickly spot and move to protect both agents and sources who could potentially be put in harm’s way.
