AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people – nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).
You left out that they retain too much customer data.