
Mass Surveillance of Cell Phone Data by AT&T Service Provider

Pierluigi Paganini October 31, 2016

AT&T has been data-mining and willingly sharing user phone data, through its “Hemisphere” Project, which is essentially a mass surveillance program.

The NSA may be the well-known governmental entity notorious for conducting spy surveillance of its citizens and its massive record retention program, but the private sector is also capitalizing on such opportunities.  AT&T, a telecommunications conglomerate with diversified revenues of more than $146 billion reported in 2015, is branching out by selling its “Hemisphere” services to the US Justice Department.  AT&T has been data-mining and willingly sharing user phone data, through its “Hemisphere” Project, which is essentially a mass surveillance program.  The Hemisphere program, first whispered about as early as 2013, reportedly utilizes data provided by the cell phone company dating back to the 1980s.

AT&T has not commented publicly on the program, but the published documents highlight the fact that the telephone company is providing the service through its already established infrastructure. All at the cost of additional fees to the buyer, of course.

AT&T has collected and retained, in the past, phone call logs and other “metadata” from its extensive 380 million user database. Research conducted by the NSA revealed that telephone metadata can reveal sensitive personal information of the user. Collected metadata consists of non-content phone user information, which can pose a threat to user privacy.


Image: The logo of the “Hemisphere Project” (AT&T)

Verizon Communications has also been the subject of a forced compliance order issued by the U.S. Foreign Intelligence Surveillance Court that resulted in handing over electronic data to the NSA. This data included all calling records maintained on a daily basis, without disclosure to the user. The order itself covered location, frequency, and duration of the calls, but not the actual content of the communication. Additionally, the user is not aware of any such privacy invasion and may not be the subject of any criminal investigation.

Previously, the NSA might have been the only entity that had the resources to support such surveillance with the infrastructure to house such extensive data. AT&T’s access to its hundreds of millions of customers, however, gave the telecommunications company ample opportunity and infrastructure to collect data on everything that happens within its network. The “who”, “what”, “when”, and “where” of the communication between two or more users are collected and stored. This data, accessed through AT&T’s vast user network, along with the location data provided by cell phones, leaves a distinct digital trail that law enforcement should be able to follow. We’re talking about a massive amount of information, especially considering AT&T’s market share and reach. AT&T’s landline customers alone account for more than 75% of the entire market share.

The revealed documents confirm a link between the collection of phone data and the formation of an “alliance” with law enforcement agencies, which are eager for such information provided by AT&T’s vast network. The revenue received by AT&T for such a service, although morally or ethically ambiguous in nature, amounts to millions per year.

AT&T’s willingness to data-mine information is one unique characteristic of this alliance. Usually, a private entity provides such information under the enforcement of a legal warrant. AT&T itself seeking an alliance (a sort of public-private partnership) with a governmental agency is a rather different type of partnership.

Cell phone providers, in the past, have hardly played such a cooperative role, and certainly not such a prosperous one. The FBI’s battle with Apple regarding the San Bernardino shooter’s iPhone indicated that Apple publicly opposed such an alliance. It refused to cooperate with investigators in order to create software that would unlock the shooter’s iPhone. Apple believed that creating, in essence, a backdoor to unlock its software would set a dangerous precedent. Apple ultimately campaigned against the invasion of cell phone privacy by refusing to cooperate with investigators in a terrorism case. AT&T has no such reservations.

Formerly, the US-NSA has had legal authority to access phone user information under the USA Patriot Act of 2001. Some of the same powers granted under the USA Patriot Act are now available under the USA Freedom bill (2016), but with some restrictive guidelines. The NSA is also facing several lawsuits filed by the American Civil Liberties Union (ACLU) over its controversial bulk collection of phone data. Several rulings have rejected the ACLU’s claim on the basis that:

“While others who have brought legal challenges to the bulk collection program, plaintiffs [in this case] lack direct evidence that records involving their calls have actually been collected.”

AT&T’s stand on these published documents is in opposition to Snowden’s views on the matter.

Image: Edward Snowden on the cover of Time in 2013.

Edward Snowden, in an interview with European reporters on Oct. 26th 2016, further fueled the massive public debate on mass surveillance by cell phone service providers.  Snowden claimed that the public is not able to stop targeted surveillance from huge government organizational programs.  According to him, this was the reason behind the massive data breaches and cyber-attacks that have taken place in recent years:

“In our current state of the art, offense is easier than defense. This is an unfortunate artifact of the fact that governments around the world have prioritized offensive capabilities for the benefit of spying on people so much more strongly than they have defensive capabilities, preventing our countries from being hacked”.

In the continuing saga of Edward Snowden, his comments on the cooperation of AT&T with governmental agencies suggest that governmental agencies are focusing most of their resources on the offensive end, leaving them ill-equipped to defend against massive data breaches and hacks. Because of this lack of defense, vulnerabilities can be exploited, as evidenced by the cyber-attack at the Office of Personnel Management, the recent Democratic National Committee hacks, and other such infrastructural attacks. These could have been prevented with a focus on bolstering defense:

“[Its] fear of the power grid being attacked—these were preventable problems”- Edward Snowden

If such cyber-attacks can compromise the security of private and governmental agencies, then what is the defense against such a compromise in critical sectors, such as energy or manufacturing? Previous reports, published in 2015, have in fact stated that the energy sector in the U.S. is not prepared to defend itself against cyber threats.

Snowden’s reasoning isn’t incorrect, as he makes a justifiable argument. Moreover, his narrative has consistently warned of mass surveillance activities taking place without the knowledge of the general public. He has sacrificed his entire career to reporting breaches of user privacy by intelligence agencies. The former NSA contractor is a whistle-blower who exposed the questionable practices of his employer, a governmental agency, but he is also an advocate of safeguarding user privacy from surveillance agencies.

You may ask, “If AT&T volunteers user phone information, is it still illegal?” The answer lies somewhere in the middle. In essence, this is capitalism at its finest, an exchange between buyer and seller that constitutes a business transaction. The information at the heart of this debate is legitimized at the source and wrapped around an added financial incentive. However, the threat that mass surveillance poses to user privacy is a very real one, and not just in the U.S.

About the Author

Allena Dominus is an easily excitable tech user who loves to review and write about her experiences in the tech world. She works as the research evangelist for VPN Analysis. Her educational background is in digital marketing strategy and management information systems, which has allowed her to approach technology and media from the end user perspective. She is currently pursuing her master’s degree in management from the University of New Orleans.

Additional Sources: 

Published Reports: https://assets.documentcloud.org/documents/3174545/Sbsw-14-1294-Cj-Phone-2-8951.pdf

[The Daily Beast] AT&T Is Spying on Americans for Profit, New Documents Reveal

 


Edited by Pierluigi Paganini

(Security Affairs – SURVEILLANCE, AT&T)
