We support our Publishers and Content Creators. You can view this story on their website by CLICKING HERE.

I was one of AT&T’s hundred million or so wireless customers unhappy to have learned this past July 12 that my call and text data had been illegally downloaded from AT&T’s primitively protected workspace on a third-party cloud platform: “Our investigation found that the downloaded data included phone call and text message records of nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023.” AT&T posted the notice here.

Well, thanks. It is hard to imagine a less informative advisory. AT&T added somewhat cryptically: “We understand that at least one person has been apprehended.” As far as I am aware, AT& T has supplied no additional information as of year-end. You don’t want to get too far out on the end of a limb with your hundred million customers.

My guess is that the AT&T breach has something to do with Salt Typhoon. According to Director Christopher Wray in all-employee town hall address, “we’re on the cusp of what may turn out to be the PRC’s broadest, most significant cyber espionage campaign in history with the telecommunications breach known as Salt Typhoon.” End of message.

One might reasonably infer that we are somewhere beyond the cusp that the spy balloon ain’t got nothin’ on Salt Typhoon. According to Zak Dorfman’s meandering December 6 Forbes story “FBI Warns iPhone And Android Users—Stop Sending Texts,” it seems that the CCP has compromised our major commercial wireless communications networks, or that it would be wise to act as though it has. According to AT&T and Verizon yesterday, however, the situation is under control.

Some translation is required here:

A senior FBI official told reporters [on December 3] that they began investigating Salt Typhoon’s activity in late spring of this year.

“Since the FBI first identified specific malicious activity targeting the sector, we’ve identified that PRC-affiliated cyber actors have compromised networks of multiple telecom companies to enable multiple activities,” the FBI official said. “First, the actors have stolen a large amount of records, essentially they stole data about where, when, and who individuals were communicating with.”

“Second, much more narrowly, the actors compromised private communications of a limited number of individuals who are primarily involved in the government or political activities. This would contain call and text content,” the official said. “As a third vector, the actors copied certain information that was subject to U.S. law enforcement requests pursuant to court orders.”

The FBI official told reporters that the call and text content that was obtained was “specific targeting,” and Greene emphasized the need for encrypting all communications.

However, Greene said that these are not “cookie cutter” compromises in terms of how deeply Salt Typhoon has been able to penetrate each victim organization.

As I say, some translation is required and the lingo is not mine. I am filing this under New You Can Use to follow up on your own.